
Security Content Automation Protocol (SCAP)

The Next Big Thing in Vulnerability Management


You may never have heard of them, but Security Content Automation Protocol (SCAP)-enabled tools are the next big thing in vulnerability management and security configuration control. SCAP was started by the National Institute of Standards and Technology (NIST) and its partners in industry.

SCAP primarily consists of NIST-hosted SCAP checklists, which are hardened configurations of operating systems and/or applications. Each SCAP checklist contains what NIST and its partners have determined to be "secure" configurations of those OSes and applications.

The SCAP checklist content can be loaded into SCAP-enabled scanning tools, which scan computers using the checklist as the baseline against which the system being scanned is compared. The SCAP scan can reveal whether any settings or patches on the target system are not up to the SCAP checklist standard.

There are many SCAP-enabled scanning tools available, both open source and commercial. These tools range from tools for testing individual PCs to enterprise-level tools capable of scanning thousands of systems at a time.

This page is intended to be a jumping-off point into the world of SCAP. Please start your journey by checking out the SCAP resources below:

SCAP Basics

What is SCAP?
NIST's SCAP Main Page
SCAP Community Page
NIST SCAP Tools Page

SCAP Checklist Content

NIST SCAP Checklist Repository
Windows 7 Firewall SCAP Content
Windows Vista SCAP Content

SCAP Scanning Tools

SCAP Validation Tools List
ThreatGuard
BigFix
Core Impact
Fortinet Fortiscan
OpenSCAP (open source)

©2014 About.com. All rights reserved.