Hello everybody, let me resend a message that originally arrived about three weeks ago, but HTTP links were rewritten to a form that wasn't useful at all. Big thanks Steve Grubb for notifying me about the issue and to Adam Montville for fixing it! So let me present a tool that I have heard many to request in the past - the interactive visualizer of OVAL results [1]. Have you ever encountered a rule that has more than one level of criteria in its OVAL definition? Or a rule that makes use of extend_definition? Of course you had encountered such rules. And what do you do when a scan of such a complex rule passes or fails unexpectedly? The answer to that question probably got much simpler - you can use the open-source, cross-platform oval-graph CLI tool [2]. This command consumes the rule name (or regular expression of thereof) and the ARF file, which is one of the possible standardized formats for SCAP-compatible scanner results. And then it generates a visualization that pops up in a web browser. The OVAL as Graph project [2] is easy to install on Python3 systems using the standard pip Python package manager. An RPM package also exists for Fedora [3] and the EPEL repository. We have tested the tool with the OpenSCAP scanner, but it should be compatible with other scanners as well - give it a shot and reach back to us! You can read more on Compliance As Code Blog [4], where you can leave comments, and we also look forward to pull request or issues that you can open in the repository [2]. Regards, Matej References: [1]: https://raw.githubusercontent.com/OpenSCAP/oval-graph/master/docs/demo-screenshot.png [2]: https://github.com/OpenSCAP/oval-graph [3]: https://src.fedoraproject.org/rpms/oval-graph [4]: https://complianceascode.github.io/template/2020/08/24/visualising-the-results-of-complex-security-rules-using-oval-graph-tool.html