OVAL® International in scope and free for public use, OVAL is an information security community effort to standardize how to assess and report upon the machine state of computer systems. OVAL includes a language to encode system details, and an assortment of content repositories held throughout the community.
Tools and services that use OVAL for the three steps of system assessment — representing system information, expressing specific machine states, and reporting the results of an assessment — provide enterprises with accurate, consistent, and actionable information so they may improve their security. Use of OVAL also provides for reliable and reproducible information assurance metrics and enables interoperability and automation among security tools and services.
| OVAL in the Enterprise | |
|---|---|
|
||||||
Focus On
OVAL Version 5.8
Version 5.8 of the OVAL Language is currently in the Release Candidate stage and is scheduled to be moved to the Official stage on September 15, 2010. Version 5.8 is a minor version change and will not invalidate existing content that currently validates against Version 5.7, the current official version of OVAL.
A complete list of changes for Version 5.8 is available on the Upcoming Minor Version page.
Latest News
Release Candidate of OVAL Version 5.8 Now Available
OVAL Included as Discussion Topic at IT Security Automation Conference 2010, September 27-29
New OVAL Board Member for Hewlett-Packard
Debian Project Now Listed on "Other Repositories" page
OVAL Interpreter Updated to Version 5.7.2
OVAL/Making Security Measurable booth at Black Hat Briefings 2010
Upcoming Events
