Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Security Content Automation Protocol Validation Program SCAPVP

127 CIS SCAP 1.2 Product Validation Record

Validation Number: 127 Center for Internet Security Logo
Vendor: Center for Internet Security
Product Name: CIS-CAT Pro Assessor (formerly Configuration Assessment Tool (CIS-CAT))
Product Major Version: 3
Product Version Tested: 3.0.00
Tested Platforms:
Microsoft Windows 7, 64 bit
Microsoft Windows 7, 32 bit
Microsoft Windows Vista, SP2, 32 bit
Microsoft Windows XP Pro, SP3, 32 bit
Red Hat Enterprise Linux 5, 64 bit
Red Hat Enterprise Linux 5, 32 bit
SCAP 1.2 Capabilities:
Authenticated Configuration Scanner
Common Vulnerabilities and Exposures (CVE)
Validated Product
Vendor Provided SCAP Information
Dates Tested: 9/13/2013 - 3/18/2014
Report Submitted: 3/24/2014
DTR Version: NISTIR 7511 Rev. 3
Validation Test Suite:
version 1- (December 2012 release includes R600-, R1900-, R3300- out of cycle updates)
version 1- (August 2013 release)
version 1- (March 2014 release)
version 1- (April 2015 release)
version 1-­ (April 2016 release)
version 1-­ (June 2016 release)
Previous Validation
SCAP and Product Version:
SCAP 1.0 – CIS-CAT 2.2
NVLAP Lab: 200423-0 - BAH Testing Lab
Validation Date: 3/24/2014

Exceptions were granted for validation tests that contained bugs which were subsequently fixed in version 1- of the validation test suite. The validation test content change log version 1- contains the complete list.

Note(s): The Configuration Assessment Tool (CIS-CAT) product has been renamed CIS-CAT Pro Assessor.
  The vendor assertions document (aka Vendor Provided SCAP Information) was provided by the vendor. The descriptions do not imply endorsement by the U.S. Government or NIST.

Created November 06, 2017, Updated May 15, 2023