U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Guide to Adopting and Using the Security Content Automation Protocol (SCAP), Version 1.0

Published

Author(s)

Stephen D. Quinn, Karen A. Scarfone, Matthew P. Barrett, Christopher S. Johnson

Abstract

The purpose of this document is to provide an overview of the Security Content Automation Protocol (SCAP). This document discusses SCAP at a conceptual level, focusing on how organizations can use SCAP-enabled tools to enhance their security posture. It also explains to IT product and service vendors how they can adopt SCAP's capabilities within their offerings.
Citation
Special Publication (NIST SP) - 800-117
Report Number
800-117
NIST Pub Series
Special Publication (NIST SP)
Pub Type
NIST Pubs

Download Paper

Local Download

Keywords

Security automation, security configuration management, Security Content Automation Protocol (SCAP), vulnerability management, SCAP
Information technology and Cybersecurity

Citation

Quinn, S. , Scarfone, K. , Barrett, M. and Johnson, C. (2010), Guide to Adopting and Using the Security Content Automation Protocol (SCAP), Version 1.0, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=905179 (Accessed March 13, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created July 27, 2010, Updated May 4, 2021