Open Vulnerability and Assessment Language (OVAL)

A language for representing system configuration information, assessing machine state, and reporting assessment results.

See CNSSI 4009-2015 under open vulnerability assessment language (OVAL) NIST SP 800-126 Rev. 2 for more information.

SCAP language for specifying low-level testing procedures used by checklists.

See NIST SP 800–128 for more information.