The Security Content Automation Protocol (SCAP)

最新推荐文章于 2025-06-07 19:24:53 发布

转载最新推荐文章于 2025-06-07 19:24:53 发布 · 515 阅读

文章标签：

#security #standards #dialog #database #web

InfoSec 专栏收录该内容

4 篇文章

订阅专栏

SCAP是一种使用特定标准实现自动化漏洞管理、测量和政策合规评估的方法，美国政府的National Vulnerability Database是其内容存储库。SCAP整合了社区理念形成的可互操作规范，确保广泛的应用案例反映在功能中。网站提供社区参与信息，包括现有和新兴的SCAP规范。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

http://en.wikipedia.org/wiki/Security_Content_Automation_Protocol

The Security Content Automation Protocol (SCAP) is a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation (e.g., FISMA compliance). The National Vulnerability Database (NVD) is the U.S. government content repository for SCAP.

http://scap.nist.gov/

The Security Content Automation Protocol (SCAP) is a synthesis of interoperable specifications derived from community ideas. Community participation is a great strength for SCAP, because the security automation community ensures the broadest possible range of use cases is reflected in SCAP functionality. This Web site is provided to support continued community involvement. From this site, you will find information about both existing SCAP specifications and emerging specifications relevant to NIST's security automation agenda. You are invited to participate, whether monitoring community dialog or leading more substantive activities like specification authorship.