← Cybersecurity Alphabet Soup

XCCDF

Extensible Configuration Checklist Description Format

operationshard

XCCDF is an XML-based language for writing security checklists and configuration benchmarks in a structured, machine-readable form. Hardening guides like DISA STIGs and CIS Benchmarks are published in XCCDF so compliance tools can automatically test systems against them and score the results. It matters because it turns dense hardening documents into content that scanners can execute directly.

Sources

More in operations