It’s critically important for every organization to keep up to date on the latest cybersecurity threats, such as viruses, worms, Trojan horses, and other nefarious digital menaces. SCAP has many open security standards as well as applications that apply these standards to check for problems and misconfigurations.
Why Organizations Use SCAP
If a company or organization doesn’t have a security implementation or has a weak one, SCAP brings accepted security standards the organization can follow. Simply put, SCAP lets security administrators scan computers, software, and other devices based on a predetermined security baseline. It lets the organization know if it’s using the right configuration and software patches for best security practices. SCAP’s suite of specifications standardizes all the different terminology and formats, taking the confusion out of keeping organizations secure.
SCAP Components
SCAP content and SCAP scanners are the two main aspects of the Security Content Automation Protocol.
SCAP Content
SCAP content modules are freely available content developed by the National Institute of Standards and Technologies (NIST) and its industry partners. The content modules are made from “secure” configurations that are agreed to by NIST and its SCAP partners. One example would be the Federal Desktop Core Configuration, which is a security-hardened configuration of some versions of Microsoft Windows. The content serves as a baseline for comparison of systems being scanned by the SCAP scanning tools.
SCAP Scanners
An SCAP scanner is a tool that compares a target computer or application’s configuration and/or patch level against that of the SCAP content baseline. The tool will note any deviations and produce a report. Some SCAP scanners also have the ability to correct the target computer and bring it into compliance with the standard baseline. There are many commercial and open-source SCAP scanners available, depending on the feature set you want. Some scanners are meant for enterprise-level scanning, while others are for individual PC use. You can find a list of SCAP tools at NVD. Some examples of SCAP products include ThreatGuard, Tenable, Red Hat, and IBM BigFix.