...
- FDCC Scanner
- Authenticated Configuration Scanner
- Authenticated Vulnerability and Patch Scanner
Implementation
SCAP
Security Content Automation Protocol (SCAP ) is a public specification that provides for standardized and automatable automated security configuration configurations, and vulnerability assessment, comprised of the eXtensible Configuration Checklist Description Format (XCCDF), Open Vulnerability and Assessment Language (OVAL), Common Platform Enumeration (CPE), Common Configuration Enumeration (CCE), Common Vulnerabilities and Exposures (CVE) and Common Vulnerability Scoring System (CVSS).assessments. SCAP is made up of the following standards:
- XCCDF
- OVAL
- CPE
- CCE
- CVE
- CVSS
The Federal Desktop Core Configuration (FDCC) and U.S. Government Baseline (USGCB) are examples of the SCAP specification, mandated across all U.S. federal agents and made openly available to other organizations to leverage.
...