Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements



John F. Banghart, Melanie R. Cook, Stephen Quinn, David A. Waltermire, Andrew Bove


[Superseded by NISTIR 7511 Rev. 4 (January 2016):] This report defines the requirements and associated test procedures necessary for products to achieve one or more Security Content Automation Protocol (SCAP) validations. Validation is awarded based on a defined set of SCAP capabilities by independent laboratories that have been accredited for SCAP testing by the NIST National Voluntary Laboratory Accreditation Program (NVLAP).
NIST Interagency/Internal Report (NISTIR) - 7511 Rev 3
Report Number
7511 Rev 3


Security Content Automation Protocol (SCAP), SCAP derived test requirements (DTR), SCAP validated tools, SCAP validation


Banghart, J. , Cook, M. , Quinn, S. , Waltermire, D. and Bove, A. (2013), Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed May 24, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created January 15, 2013, Updated October 12, 2021