...
SCAP is a public specification that provides standardized and automated security configurations, and vulnerability assessments. SCAP is made up of comprises the following standards:
- XCCDF
- OVAL
- CPE
- CCE
- CVE
- CVSS
The Federal Desktop Core Configuration (FDCC) and U.S. Government Baseline (USGCB) are examples of the SCAP specification, mandated across all U.S. federal agents agencies and made openly available to for other organizations to leverage.
Effective Security Configuration Management configuration management products help firms organizations manage security proactively . By combining elements of vulnerability assessment, patch management, automated remediation and configuration compliance, these products can help reduce risks by ensuring that systems are configured properly.Arellia Security Analysis Solution embraces the SCAP standard to help meet these goals, providing the ability to and ensure proper system configuration by combining the following elements:
- Vulnerability assessment
- Patch management
- Automated remediation
- Configuration compliance
SAS embraces the SCAP standard and can import SCAP content into the Symantec Arellia Management Platform CMDB Server and allows for the continuous monitoring of security configuration management issues that arise due to system vulnerability and misconfiguration on endpoints within an organization.
...