The purpose of this document is to provide an overview of the Security Content Automation Protocol (SCAP). This document discusses SCAP at a conceptual level, focusing on how organizations can use SCAP-enabled tools to enhance their security posture. It also explains to IT product and service vendors how they can adopt SCAP's capabilities within their offerings.
Citation: Special Publication (NIST SP) - 800-117
NIST Pub Series: Special Publication (NIST SP)
Pub Type: NIST PubsReport Number:
Security automation, security configuration management, Security Content Automation Protocol (SCAP), vulnerability management, SCAP