This is a potential security issue, you are being redirected to https://csrc.nist.gov
Drafts for Public Comment
All Public Drafts
Final Pubs
FIPS
Special Publications (SPs)
NISTIRs
ITL Bulletins
White Papers
Journal Articles
Conference Papers
Books
Security & Privacy
Applications
Technologies
Sectors
Laws & Regulations
Activities & Products
Computer Security Division
Applied Cybersecurity Division
Contact Us
SCAP Inquiries scap@nist.gov
Security and Privacy: configuration management, patch management, security automation, security measurement, vulnerability management
Release Cycle SCAP Content SCAP Releases SCAP 1.3 SCAP 1.2 SCAP 1.1 SCAP 1.0 SCAP Specifications Asset Identification Asset Reporting Format (ARF) Common Configuration Enumeration (CCE) Common Platform Enumeration (CPE) Applicability Language Dictionary Name Matching Naming Open Vulnerability Assessment Language (OVAL) Open Checklist Interactive Language (OCIL) Trust Model for Security Automation Data (TMSAD) Extensible Configuration Checklist Description Format (XCCDF) Software Identification (SWID) Emerging Specifications Emerging Specification Listing Asset Summary Reporting (ASR) SCAP Community
Open Security Controls Assessment Language National Checklist Program SCAP v2 Security Content Automation Protocol Validation Program Software Identification Tagging U.S. Government Configuration Baseline Testing Laboratories DevSecOps