NIST has begun planning for the next major revision of the Security Content Automation Protocol (SCAP), SCAP v2. A whitepaper is available that presents an overview of SCAP v2 and how it addresses gaps in SCAP v1. This whitepaper describes a proposed SCAP 2.0 architecture and provides a plan for completing the work necessary to finalize SCAP v2, which will be developed over a series of minor revisions (e.g., 2.0, 2.1).
Please send comments on this whitepaper and ideas for SCAP v2 to the SCAP Discussion List (firstname.lastname@example.org). Instructions to join this list can be found on the SCAP Community page.
On October 4, 2018 at 1pm EDT, the co-authors of the whitepaper will host a web conference on the whitepaper and our plans for SCAP v2. NIST will also host a workshop on SCAP v2 in early December at the National Cyber Security Center of Excellence. More information on these events will be posted on this page and the email@example.com list in the near future.