Security Content Automation Protocol: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 04:49, 27 January 2024 edit MrLavoie (talk \| contribs) 148 edits Moved checklist section to the bottom. Moved paragraphs 2 and 3 from Purpose section. Turned nested sections into main sections. ← Previous edit		Latest revision as of 09:18, 27 August 2025 edit undo Citation bot (talk \| contribs) Bots 5,868,088 edits Added bibcode. Removed URL that duplicated identifier. Removed parameters. \| Use this bot. Report bugs. \| Suggested by Headbomb \| Linked from Wikipedia:WikiProject_Academic_Journals/Journals_cited_by_Wikipedia/Sandbox \| #UCB_webform_linked 391/967
(3 intermediate revisions by 3 users not shown)
Line 6: ==Purpose== To guard against security threats, organizations need to continuously monitor the computer systems and applications they have deployed, incorporate security upgrades to software and deploy updates to configurations. The Security Content Automation Protocol (SCAP), pronounced "ess-cap",<ref>{{Cite journal \|last1=Radack \|first1=Shirley \|last2=Kuhn \|first2=Rick \|date=2011-02-04 \|title=Managing Security: The Security Content Automation Protocol ~~\|url=https://ieeexplore.ieee.org/document/5708279~~ \|journal=IT Professional \|volume=13 \|issue=1 \|pages=9–11 \|doi=10.1109/MITP.2011.11 \|bibcode=2011ITPro..13a...9R \|s2cid=5344382 \|issn=1520-9202}}</ref> but most commonly as "skap" comprises a number of open standards that are widely used to enumerate software flaws and configuration issues related to security. Applications which conduct security monitoring use the standards when measuring systems to find vulnerabilities, and offer methods to score those findings in order to evaluate the possible impact. The SCAP suite of specifications standardize the nomenclature and formats used by these automated vulnerability management, measurement, and policy compliance products. ==SCAP Checklists==