Other Repositories of OVAL Content

Links to other known publicly accessible OVAL repositories are included below. Current total: 11

Altx-Soft Logo
Altex-Soft

Altex-Soft’s repository of OVAL content consists of OVAL Definitions imported from several sources. Created February 2012.
Repository: http://www.ovaldb.altx-soft.ru/


Center for Internet Security (CIS)
Center for Internet Security (CIS)

The CIS repository is the new official OVAL Repository following the transition away from MITRE. Created August 2015.
Repository: https://oval.cisecurity.org/repository


Cisco Systems Logo
Cisco Systems, Inc.

The Cisco Security Intelligence Operations repository consists of Cisco security advisories in the standardized Common Vulnerability Reporting Format (CVRF) and includes OVAL Vulnerability Definitions for the Cisco IOS security advisories. Created September 2012.
Repository: http://tools.cisco.com/security/center/publicationListing.x


Debian Project Logo
Debian Project

The Debian repository of OVAL content consists of OVAL Definitions that correspond to Debian security advisories. Created August 2010.
Repository: http://www.debian.org/security/oval/


Defense Information Systems Agency Field Security Operations (DISA FSO)

A repository of Security Technical Implementation Guides (STIGs) in support of Security Content Automation Protocol (SCAP) content and tools. Created: May 2012.
Repository: http://iase.disa.mil/stigs/scap/index.html


IT Security Database

This site collects OVAL Definitions from sources such as the OVAL Repository, Red Hat, Suse, NVD, Apache, etc., and provides a unified, easy-to-use Web interface to all IT security related items about them including patches, vulnerabilities, and compliance checklists. Created: November 2010.
Repository: http://www.itsecdb.com/oval


NIST Computer Security Division Logo
NIST Computer Security Division

The Security Content Automation Program (SCAP) is a public free repository of security content to be used for automating technical control compliance activities, vulnerability checking (both application misconfigurations and software flaws), and security measurement. Created January 2007.
Repository: http://scap.nist.gov/content/



Positive Technologies CJSC Logo
Positive Technologies CJSC

The Positive Technologies repository of OVAL content consists of OVAL Definitions collected from various sources. Created May 2012.
Repository: http://oval.ptsecurity.com


Red Hat, Inc. Logo
Red Hat, Inc.

The Red Hat repository of OVAL content consists of OVAL Patch Definitions that correspond to Red Hat Errata security advisories. Created May 2006.
Repository: http://www.redhat.com/oval


SecPod Technologies Logo
SecPod Technologies

SecPod SCAP Feed, also hosted as a repository, is a service providing standardized SCAP content (CVE™, CPE™, CCE™, XCCDF, and OVAL®) for vulnerability, patch, inventory, and compliance management. Created December 2010.
Repository: https://www.scaprepo.com


Security Database Logo
SECURITY-DATABASE

This Web site provides a mirror of the OVAL Repository and links its Alerts to OVAL Definitions when possible. Created February 2012.
Repository: http://www.security-database.com/oval.php


SUSE Logo
SUSE

The SUSE Linux Enterprise OVAL Information database is an index of fixed security incidents indexed by product, RPM package name and version for use in security compliance checking. Created July 2010.
Repository: http://ftp.suse.com/pub/projects/security/oval/


Back to top

Page Last Updated: January 28, 2016