To help assist in simplifying the process of certifying and accrediting Linux systems, Tresys Technology integrated a ‘standardized’ security verification mechanism into CLIP (our Certifiable Linux Integration Platform). The verification mechanism relies on the Open Vulnerability Assessment Language (OVAL) to perform detailed security checks on every component of the operating system. For more information about OVAL, read ‘An open source security language: What is OVAL?, written by Ed Sealing.
Since certification and accreditation is an important component of securing systems within the federal workspace, Tresys based all security checks on the Unix Security Technical Implementation Guide (STIG), provided by DISA. The output of these checks is a report generated in the form of a webpage that shows what STIG checks have passed or failed.