Publications
Withdrawn on November 27, 2018.
Guide to Adopting and Using the Security Content Automation Protocol (SCAP) Version 1.0
Documentation
Topics
Date Published: July 2010
Planning Note (11/27/2018):
SCAP v1.0 is no longer supported. For additional details, see information about SCAP Releases and the SCAP Release Cycle.
Author(s)
Stephen Quinn (NIST), Karen Scarfone (NIST), Matthew Barrett (G2), Christopher Johnson (NIST)
The purpose of this document is to provide an overview of the Security Content Automation Protocol (SCAP). This document discusses SCAP at a conceptual level, focusing on how organizations can use SCAP-enabled tools to enhance their security posture. It also explains to IT product and service vendors how they can adopt SCAP's capabilities within their offerings.
The purpose of this document is to provide an overview of the Security Content Automation Protocol (SCAP). This document discusses SCAP at a conceptual level, focusing on how organizations can use SCAP-enabled tools to enhance their security posture. It also explains to IT product and service...
See full abstract
The purpose of this document is to provide an overview of the Security Content Automation Protocol (SCAP). This document discusses SCAP at a conceptual level, focusing on how organizations can use SCAP-enabled tools to enhance their security posture. It also explains to IT product and service vendors how they can adopt SCAP's capabilities within their offerings.
Hide full abstract
Keywords
Security automation; security configuration management; Security Content Automation Protocol (SCAP); vulnerability management
Control Families
Audit and Accountability; Assessment, Authorization and Monitoring; Configuration Management; Maintenance; Risk Assessment; System and Services Acquisition; System and Communications Protection
