Hi Tina,

Thank you for reaching us. There is ComplianceAsCode project (formerly known
as SCAP Security Guide) that provides SCAP content for various Linux 

ComplianceAsCode is an open-source project and it's developed actively on 
Here's the link: https://github.com/ComplianceAsCode/content
Check out the README there.

ComplianceAsCode already has some SCAP content for Oracle Linux 7. It needs a 
lot of
improvements, but it's a great place to start. It's possible to reuse a lot of 
that is used in RHEL content. There is a person from Oracle, Ilya Okomin,
who used work on that.

The process for sharing content with the community is to submit patches
via GitHub using pull requests. We are willing to provide feedback and help
your developers with that.
There is a developer guide that explains how the content is built:

Hopefully this helps. We're looking forward to hear from you soon. 


Jan Černý
Security Technologies | Red Hat, Inc.

----- Original Message -----
> From: "Tina Rose" <tina.r...@oracle.com>
> To: open-scap-list@redhat.com
> Sent: Friday, October 19, 2018 7:38:45 PM
> Subject: [Open-scap] Developing content for Oracle Linux
> I had a customer request Open-SCAP content specific to Oracle Linux to
> complete STIG compliance. Can someone point me in the right direction to
> begin researching this request? Is there a process for creating and sharing
> content to the open-scap community?
> Tina Rose | Consulting Member of Technical Staff
> Office: +1 719 757 3203
> Oracle Platform Integration MAA Team
> _______________________________________________
> Open-scap-list mailing list
> Open-scap-list@redhat.com
> https://www.redhat.com/mailman/listinfo/open-scap-list

Open-scap-list mailing list

Reply via email to