Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Security Content Automation Protocol Validation Program

Project Overview

The SCAP Validation Program is designed to test the ability of products to use the features and functionality available through SCAP and its component standards.

Under the SCAP Validation Program, independent laboratories are accredited by the NIST National Voluntary Laboratory Accreditation Program (NVLAP). Accreditation requirements are defined in NIST Handbook 150, and NIST Handbook 150-17. Independent laboratories conduct the tests contained in the SCAP Validation Program Derived Test Requirements Document, on information technology (IT) security products and deliver the results to NIST. Based on the independent laboratory test report, the SCAP Validation Program then validates the product under test based on the independent laboratory test report. The validations awarded to vendor products will be publicly posted on the SCAP Validated Products and Modules web page.

SCAP validation will focus on evaluating specific versions of vendor products based on the platforms they support. Validations will be awarded on a platform-by-platform basis for the version of the product that was tested. Currently, products may seek validations on Red Hat Linux, Microsoft Windows and Apple Mac OS platforms.

Created November 06, 2017, Updated April 24, 2018