This is a potential security issue, you are being redirected to https://csrc.nist.gov.
You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.
SCAP Logo
The Security Content Automation Protocol (SCAP) is a suite of interoperable specifications for the standardized expression, exchange, and processing of security configuration and vulnerability information. SCAP enables consistent automation and reporting across products and environments by defining machine-readable content and associated processing requirements.
SCAP continues to be maintained through the development of SCAP 1.4, which builds upon prior releases to preserve interoperability and operational stability across established security automation use cases. Consistent with current program direction, development of SCAP 2.0 has ceased, and no additional major SCAP releases are planned. Accordingly, this site focuses on existing SCAP specifications and their maintenance under the SCAP 1.x family.
NIST welcomes community engagement directed toward improving the clarity, quality, and implementation of SCAP 1.4. Inquiries may be directed to the SCAP Team at [email protected].
SCAP Inquiries
[email protected]
Security and Privacy: configuration management, patch management, security automation, security measurement, vulnerability management
Release Cycle SCAP Content SCAP Releases SCAP 1.3 SCAP 1.2 SCAP 1.1 SCAP 1.0 SCAP Specifications Asset Identification Asset Reporting Format (ARF) Common Configuration Enumeration (CCE) Common Platform Enumeration (CPE) Applicability Language Dictionary Name Matching Naming Open Vulnerability Assessment Language (OVAL) Open Checklist Interactive Language (OCIL) Trust Model for Security Automation Data (TMSAD) Extensible Configuration Checklist Description Format (XCCDF) Software Identification (SWID) SCAP Community
SCAP Inquiries
[email protected]
Security and Privacy: configuration management, patch management, security automation, security measurement, vulnerability management