OVAL
Open Vulnerability Assessment Language (OVAL) is an XML-based language used to communicate the details of vulnerabilities, patches, security configuration settings, and other machine states in a machine-readable format.
SCAP 1.0 policies are compliant with OVAL Version 5.3. Tell me moreTell me more
Specification: http://oval.mitre.org/
SCAP 1.2 policies are compliant with OVAL Version 5.10. Tell me moreTell me more
Specification: http://oval.mitre.org/
Schema Location: http://oval.mitre.org/language/download/schema/version5.10/index.html