Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

NIST Releases Draft NISTIR 8058, Security Content Automation Protocol (SCAP) Version 1.2 Content Style Guide: Best Practices for Creating and Maintaining SCAP 1.2 Content
May 01, 2015

NIST announces the public comment release of Draft NIST Internal Report (NISTIR 8058)Security Content Automation Protocol (SCAP) Version 1.2 Content Style Guide: Best Practices for Creating and Maintaining SCAP 1.2 Content. The Security Content Automation Protocol (SCAP) is a suite of specifications that standardize the format and nomenclature by which software flaw and security configuration information is communicated, both to machines and humans. Over time, certain stylistic conventions regarding the authoring of SCAP 1.2 content have become best practices. They improve the quality of SCAP content in several ways, such as improving the accuracy and consistency of results, avoiding performance problems, reducing user effort, lowering content maintenance burdens, and enabling content reuse. This document has been created to capture the best practices and encourage their use by SCAP content authors and maintainers.

Please send comments to NISTIR8058-comments@nist.gov with “Comments Draft NISTIR 8058” in the subject line. Comments will be accepted through June 1, 2015.

Created December 21, 2016, Updated April 25, 2017