The National Institute of Standards and Technology has approved Red Hat‘s open-source security content automation protocol scanner for deployment on the U.S. government’s Enterprise Linux 6 and 7-based systems.
Red Hat said Friday that NIST certified the OpenSCAP 1.2 platform’s capacity to analyze and evaluate security automation content as well as address functionality and documentation requirements in security-conscious environments.
OpenSCAP was developed through a partnership between the National Security Agency, Red Hat and the open source community to meet the SCAP standard that defines common operations for scanners and supports repeatable security assessments for policy compliance.
Red Hat noted that it will also offer access to development libraries for OpenSCAP in an effort to help independent vendors integrate configuration and vulnerability scanning functions into applications built for Red Hat Enterprise Linux.
The OpenSCAP certification also extends to the company’s other products such as Atomic Scan, CloudForms, Red Hat Satellite and SCAP Workbench.
The company also included security compliance profiles such as the Defense Department Security Technical Implementation Guide, PCI compliance and FBI Criminal Justice Information Systems in Enterprise Linux 6 and 7.