Validation Tests for Security Automation: NIST Releases NISTIR 7511 Revision 5: Security Content Automation Protocol (SCAP) Version 1.3 Validation Program Test Requirements
The Security Content Automation Protocol (SCAP) consists of open standards that are widely used by organizations to measure and continuously monitor the security settings and controls of computer systems and applications in order to find software flaws and security-related configuration issues. Also, SCAP standardizes the nomenclature and formats used to manage and measure the vulnerability of computer systems to threats and their compliance to policies, especially Federal Information Security Management Act (FISMA).
NIST has published NIST Internal Report (NISTIR) 7511 Revision 5, Security Content Automation Protocol (SCAP) Version 1.3 Validation Program Test Requirements, the latest in a series of documents on SCAP, that describes the test requirements for SCAP version 1.3. SCAP 1.3 consists of a suite of specifications for standardizing the format and nomenclature by which security software communicates information about software flaws and security configurations. ..Read More..