← Cybersecurity Alphabet Soup

SCAP

Security Content Automation Protocol

operationshard

SCAP is a NIST-maintained suite of specifications that lets tools automatically check systems for vulnerabilities and misconfigurations in a standardized, machine-readable way. It bundles component standards like CVE, CVSS, OVAL, and XCCDF so a scanner from one vendor can consume checklists written by another. It matters because manually auditing thousands of machines against security baselines is impossible; SCAP makes compliance checking automatable and repeatable.

Sources

More in operations