Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Security Content Automation Protocol Validation Program SCAPVP

138 Rapid7 SCAP 1.2 Product Validation Record

Validation Number: 138 Rapid 7 Logo
Vendor: Rapid7
Product Name: Nexpose
Product Major Version: 6
Product Version Tested: 6.2.1
Tested Platforms:
Microsoft Windows XP Professional SP3, 32 bit
Microsoft Windows Vista SP1, 32 bit
SCAP 1.2 Capabilities:
Authenticated Configuration Scanner
Common Vulnerabilities and Exposures (CVE)
Validated Product
Vendor Provided SCAP Information
Dates Tested: 10/20/2015 - 4/8/2016
Report Submitted: 11/20/2015
DTR Version: NISTIR 7511 Rev. 3
Validation Test Suite:
version 1-2.0.0.0 (December 2012 release includes R600-1.2.0.0.1, R1900-1.2.0.0.2, R3300-1.2.0.0.3 out of cycle updates)
version 1-2.0.1.0 (August 2013 release)
version 1-2.0.2.0 (March 2014 release)
version 1-2.0.3.0 (April 2015 release)
version 1-­2.1.0.0 (April 2016 release)
version 1-­2.1.1.0 (June 2016 release)
Previous Validation
SCAP and Product Version:
Nexpose 5.1 SCAP 1.0
NVLAP Lab: - Acumen Security
Validation Date: 5/9/2016
Comments: An exception was granted for SCAP.R.2000.5 because there isn’t a clearly defined method for exporting the same OVAL variable with multiple values.
Note: The vendor assertions document (aka Vendor Provided SCAP Information) was provided by the vendor. The descriptions do not imply endorsement by the U.S. Government or NIST.

Created November 06, 2017, Updated May 15, 2023