How to accurately match OVAL security data to installed RPMs

Red Hat publishes security data using the Open Vulnerability and Assessment Language (OVAL). Depending on what you have installed, according to the Red Hat and OVAL compatibility FAQ, you’ll need to scan streams for all products installed on your system. This post aims to answer the question of how to determine which stream to use when scanning a system. We’ll use an operating system and container image as target systems to explore the topic. 
Quelle: CloudForms