Security compliance/vulnerability tools

[TripleCheese]

Hello all,

 

I'm currently in my last year of a "Networking & Security" study in The Netherlands. To finish my education I'm currently working on a graduation project where I'm looking to set-up a "system" that, when a SALT state has been altered, runs this on a test machine which then runs a security compliance scan (based on predefined baselines (like SCAP or XCCF)) or a vulnerability (CVE's) scan on the "new" configuration. For this I've been looking at existing tools that perform these types of scans (OpenSCAP, CIS-CAT, Nessus, OpenVas), but I was wondering if any of you know possible other tools I could use/try out for this purpose (preferably free/open-source).

 

tl:dr: I'm looking for tools (preferably free/open-source) that are able to scan a system for compliance/vulnerability based on standards like SCAP, XCCF, CVE or others.

 

thx!

 

-Jop