Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Security Content Automation Protocol Validation Program

138 Rapid7 SCAP 1.2 Product Validation Record

Validation Number: 138 Rapid 7 Logo
Vendor: Rapid7
Product Name: Nexpose
Product Major Version: 6
Product Version Tested: 6.2.1
Tested Platforms:
Microsoft Windows XP Professional SP3, 32 bit
Microsoft Windows Vista SP1, 32 bit
SCAP 1.2 Capabilities:
Authenticated Configuration Scanner
Common Vulnerabilities and Exposures (CVE)
Validated Product
Vendor Provided SCAP Information
Dates Tested: 10/20/2015 - 4/8/2016
Report Submitted: 11/20/2015
DTR Version: NISTIR 7511 Rev. 3
Validation Test Suite:
version 1-2.0.0.0 (December 2012 release includes R600-1.2.0.0.1, R1900-1.2.0.0.2, R3300-1.2.0.0.3 out of cycle updates)
version 1-2.0.1.0 (August 2013 release)
version 1-2.0.2.0 (March 2014 release)
version 1-2.0.3.0 (April 2015 release)
version 1-­2.1.0.0 (April 2016 release)
version 1-­2.1.1.0 (June 2016 release)
Previous Validation
SCAP and Product Version:
Nexpose 5.1 SCAP 1.0
NVLAP Lab: - Acumen Security
Validation Date: 5/9/2016
Comments: An exception was granted for SCAP.R.2000.5 because there isn’t a clearly defined method for exporting the same OVAL variable with multiple values.
Note: The vendor assertions document (aka Vendor Provided SCAP Information) was provided by the vendor. The descriptions do not imply endorsement by the U.S. Government or NIST.

Created November 06, 2017, Updated April 24, 2018