Guide to Adopting and Using the Security Content Automation Protocol (SCAP) Version 1.0

Quinn, Stephen; Scarfone, Karen; Barrett, Matthew; Johnson, Christopher

doi:https://doi.org/10.6028/NIST.SP.800-117

SP 800-117

Withdrawn on November 27, 2018.

Guide to Adopting and Using the Security Content Automation Protocol (SCAP) Version 1.0

Documentation Topics

Date Published: July 2010

Planning Note (11/27/2018): SCAP v1.0 is no longer supported. For additional details, see information about SCAP Releases and the SCAP Release Cycle.

Author(s)

Stephen Quinn (NIST), Karen Scarfone (NIST), Matthew Barrett (G2), Christopher Johnson (NIST)

Abstract

The purpose of this document is to provide an overview of the Security Content Automation Protocol (SCAP). This document discusses SCAP at a conceptual level, focusing on how organizations can use SCAP-enabled tools to enhance their security posture. It also explains to IT product and service vendors how they can adopt SCAP's capabilities within their offerings.

Keywords

Security automation; security configuration management; Security Content Automation Protocol (SCAP); vulnerability management

Control Families

Audit and Accountability; Assessment, Authorization and Monitoring; Configuration Management; Maintenance; Risk Assessment; System and Communications Protection; System and Services Acquisition

Documentation

Publication:
SP 800-117 (DOI)
Local Download

Supplemental Material:
None available

Document History:
07/27/10: SP 800-117

Topics

Security and Privacy
configuration management; security automation; vulnerability management

Laws and Regulations
Federal Information Security Modernization Act; OMB Circular A-130