Date Published: July 2016
Comments Due: August 19, 2016 (public comment period is CLOSED)
Email Questions to: 800-126comments@nist.gov
, , , , ,
NIST invites comments on two draft publications on the Security Content Automation Protocol (SCAP). The first is Special Publication (SP) 800-126 Revision 3, The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.3. The second is SP 800-126A, SCAP 1.3 Component Specification Version Updates: An Annex to NIST Special Publication 800-126 Revision 3.
SP 800-126 Revision 3 and SP 800-126A collectively define the proposed technical specification for SCAP version 1.3, which is based on enhancements and clarifications to the SCAP 1.2 specification. SP 800-126A is a new publication that allows SCAP 1.3 to take advantage of selected minor version updates of SCAP component specifications, as well as designated Open Vulnerability and Assessment Language (OVAL) platform schema versions.
Audit and Accountability; Assessment, Authorization and Monitoring; Incident Response; Maintenance; Risk Assessment
Publication:
Draft SP 800-126A
Comment Template
Supplemental Material:
Comment Template (word)
Other Parts of this Publication:
SP 800-126 Rev. 3 (Draft)
Related NIST Publications:
Document History:
07/18/16: SP 800-126A (Draft)
Security and Privacy
audit & accountability; incident response; maintenance; security automation; threats; vulnerability management
Laws and Regulations
Cybersecurity Strategy and Implementation Plan; Federal Information Security Modernization Act; OMB Circular A-130