Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

SP 800-126A

SCAP 1.3 Component Specification Version Updates: An Annex to NIST Special Publication 800-126 Revision 3

Date Published: February 2018


Harold Booth (NIST), David Waltermire (NIST), Mark Badger (NIST), Melanie Cook (NIST), Stephen Quinn (NIST), Karen Scarfone (Scarfone Cybersecurity)



Open Vulnerability and Assessment Language (OVAL); security automation; security configuration; Security Content Automation Protocol (SCAP)
Control Families

Audit and Accountability; Security Assessment and Authorization; Incident Response; Maintenance; Risk Assessment


SP 800-126A (DOI)
Local Download

Supplemental Material:
SCAP project (other)

Other Parts of this Publication:
SP 800-126 Rev. 3

Related NIST Publications:
NISTIR 7511 Rev. 5
NISTIR 7511 Rev. 5 (Draft)

Document History:
02/14/18: SP 800-126A (Final)