|
About the OVAL LanguageThe OVAL Language standardizes the three main steps of the assessment process: representing configuration information of systems for testing; analyzing the system for the presence of the specified machine state (vulnerability, configuration, patch state, etc.); and reporting the results of the assessment. The documents below explain the OVAL Language in more detail. OVAL Language OverviewExplains how the OVAL Language works, the benefits of the OVAL Language, and how the community participates in the ongoing creation of the OVAL Language. Use CasesSeven use cases that exemplify why a standard like the OVAL Language is needed, and how use of OVAL improves the following areas of information security: distribution of security advisories, vulnerability assessment, patch management, configuration management, auditing and centralized audit validation, security information management systems (SIMs), and system inventory. OVAL Developer’s Forum Discussion ArchivesArchive of community discussions regarding the ongoing development of the OVAL Language. Language StructureProvides a detailed explanation of how the OVAL Language is structured with three main categories of XML schemas (system characteristics, definitions, and results), and how each category contains a core schema and a number of component schemas. Definition TutorialHow an OVAL Definition is structured in the OVAL Language. Validating a DocumentExplains how to validate an OVAL document to ensure a common and expected structure amongst OVAL documents being passed between different users. Language Revision ProcessDetails how the OVAL Language changes and evolves, including the four major milestones for creating a new version of the OVAL Language. Versioning MethodologyDefines the methodology used to version the OVAL Language, including what constitutes major and minor language version changes and how OVAL differentiates language versions via namespace version. Previous approaches to language versioning that have been tried and/or thought about are also discussed. Deprecation PolicyDetails how and why unneeded constructs are deprecated from the OVAL Language. Regular Expression SupportOVAL supports a common subset of the regular expression character classes, operations, expressions and other lexical tokens defined within Perl 5's regular expression specification. This common subset is described here. Page Last Updated: September 04, 2009 |
Language ReleasesUpcoming ReleasesPrevious Releases |
|||||||||
 |
||
