Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Security Content Automation Protocol

SCAP 2.0

NIST has begun planning for the next major revision of the Security Content Automation Protocol (SCAP), SCAP v2. A whitepaper is available that presents an overview of SCAP v2 and how it addresses gaps in SCAP v1. This whitepaper describes a proposed SCAP 2.0 architecture and provides a plan for completing the work necessary to finalize SCAP v2, which will be developed over a series of minor revisions (e.g., 2.0, 2.1).

Please send comments on this whitepaper and ideas for SCAP v2 to the SCAP Discussion List (scap-dev@nist.gov). Instructions to join this list can be found on the SCAP Community page.

On October 4, 2018 at 1pm EDT, the co-authors of the whitepaper will host a web conference on the whitepaper and our plans for SCAP v2. NIST will also host a workshop on SCAP v2 in early December at the National Cyber Security Center of Excellence. More information on these events will be posted on this page and the scap-dev@nist.gov list in the near future.

Created December 07, 2016, Updated September 20, 2018