The Security Content Automation Project contains:
Definitions and tests to secure all Windows XP environments
Last updated:
10/20/06
The Security Content Automation Project is a product of the NIST Computer Security Division in partnership with the Defense Information Systems Agency and the National Security Agency and is sponsored by the Department of Homeland Security’s National Cyber Security Division.
Security Content Automation Program Information
The Security Content Automation Program, NIST IR-7343 (Draft)
provides an overview of the Security Content Automation Program (SCAP), and then examines how security content automation can be beneficial
in achieving compliance with the Federal Information Security Management Act (FISMA), the Department of Defense (DOD)
8500.2/8510, and other compliance requirements. It also provides details on how SCAP utilizes vulnerability checking and
compliance standards within its implementation: the Extensible Configuration Checklist Description Format (XCCDF) and the Open
Vulnerability Assessment Language (OVAL).
- Security Solutions 2007: Standardizing and Automating Security Operations: ISAP-SecuritySolutions-2007.ppt
- National Security Agency - Central Security Service: 2007 Information Assurance Workshop (IAWS) Presentation: SCAP-02112007-IAWS.ppt
- ITAA CISO Workshop: Beyond FISMA, Taking Federal Cyber Security to the Next Level: ITAA FISMA 20061102 Final2.ppt
- Security Content Automation Presentation: scap-webpp-10182006.ppt
- 2nd Annual Security Automation Conference and Workshop: Conference Presentations
- Defense Network Centric Operations 2007 - Information Assurance Symposium
Date: June 11, 2007 Time: TBD Location: Hilton Alexandria Mark Center
5000 Seminary Road
Alexandria, VA 22311More Information: http://www.wbresearch.com/DNCO/
- Security Solutions 2007 - Automating Vulnerability Management Through SCAP
Date: April 4th, 2007 Time: 11:30 am - 12:15 pm Location: Tampa Marriott Waterside Hotel and Marina
700 South Florida Avenue
Tampa, Florida 33602More Information: https://securitysolutions.telos.com//default.cfm
800-708-3567Presentation: Standardizing and Automating Security Operations
- National Security Agency - Central Security Service: 2007 Information Assurance Workshop (IAWS)
Date: February 12 - 16, 2007 Location: Wyndham Orlando Resort
8001 International Drive
Orlando, FL 32819More Information: http://www.nsa.gov/ia/events/conferences/index.cfm?ConferenceID=41 Presentation: SCAP-02112007-IAWS.ppt
- RSA Conference (Tutorial Session) - Automated Security Content Provisioning for Vulnerability and Configuration Assessment, Compliance, and Remediation. NIST Security Content Automation, Checklist Program, and NVD.
Date: Monday, February 5, 2007 Time: 1:45 pm - 3:30 pm Location: San Francisco, CA. More Information: http://www.rsaconference.com/2007/US/
- Twenty-Second Annual Computer Security Applications Conference (ACSAC) (Workshop) - Host Based Security Assessment: Standards to Implementations
Date: December 11th, 2006 Time: 8:30 am - 4:30 pm Location: Miami Beach Resort and Spa, Miami Beach, FL More Information: http://www.acsac.org/2006/advance_program.html
Harvey Rubinovitz, (781)-271-3076 or hhr@mitre.org
- ITAA's CISO Workshop "Information Security in the Federal Enterprise"
Date: November 2nd, 2006 Time: 8:00 am - 7:00 pm Location: CSC EBC- 3170
Fairview Park Dr.
Falls Church, VAMore Information: http://www.itaa.org/events/event.cfm?EventID=1646
Patti Coen at pcoen@itaa.orgPresentation: ITAA FISMA 20061102 Final2.ppt
- Red Team Blue Team (ReBl) Symposium - Making Sense of Vulnerabilities
Date: 10/30/06 - 11/02/06 Time: TBD Location: Johns Hopkins University Applied Physics Lab (APL)
1100 Johns Hopkins Road
Laurel, Maryland 20723More Information: http://www.nsa.gov/ia/events
- USDA OCIO - Fiscal Year 2007 - Opening Meeting for Best Practices and Lessons Learned.
Date: Thursday, October 26, 2006 Time: 1:00 pm - 3:00 p.m. Location: OCIO Conference Room, S-107, South Building More Information: LaTonya Finch at 202-205-7734 or latonya.finch@usda.gov
- FIAC - Automating FISMA Technical Control Compliance Using Standards
Date: October, 24th 2006 Time: TBD Location: University of Maryland College Park Inn and Conference Center More Information: http://www.fbcinc.com/fiac/
Disclaimer Notice & Privacy Statement / Security Notice
Send comments or suggestions to scap-update@nist.gov
NIST is an Agency of the U.S. Commerce Department