Content deleted Content added
m wl Federal Desktop Core Configuration in 2nd place, move 1st link to just initials. Seems like a good help-to-intrusion ratio. Please change as needed. |
|||
Line 14:
===SCAP Capabilities===
* [[Federal Desktop Core Configuration]] (FDCC) Scanner
* Authenticated Configuration Scanner
* Authenticated Vulnerability Scanner
Line 35:
Independent third party testing assures the customer/user that the product meets the NIST specifications. The SCAP standards can be complex and several configurations must be tested for each component and capability to ensure that the product meets the requirements. A third party lab (accredited by [http://ts.nist.gov/standards/accreditation/index.cfm NVLAP]) provides assurance that the product has been thoroughly tested and has been found to meet all of the requirements.
A vendor seeking validation of a product that implements an SCAP component (CVE, CCE, CPE, CVSS, XCCDF or OVAL), or capability (Federal Desktop Core Configuration ([[Federal Desktop Core Configuration|FDCC]]
A customer who is subject to the FISMA requirements, or wants to use security products that have been tested and validated to the SCAP standard by an independent third party laboratory should visit the [http://nvd.nist.gov/scapproducts.cfm SCAP validated products web page] to verify the status of the product(s) being considered.
| |||