http://gcn.com/articles/2012/01/09/nist-scap-automated-security-management.aspx By William Jackson GCN.com Jan 09, 2012 The National Institute of Standards and Technology is updating guidelines for using the Security Content Automation Protocol (SCAP) for checking and validating security settings on IT systems. SCAP is a NIST specification for expressing and manipulating security data in standardized ways, including implementing security configuration baselines, verifying patches and known vulnerabilities, continuous monitoring of vulnerabilities and security configuration settings, looking for signs of compromise, and determining the security posture of systems. Special Publication 800-117, Guide to Adopting and Using the Security Content Automation Protocol Version 1.2, is being revised to provide an overview of its use as well as guidance to vendors for adopting the protocols in their products and services. A draft of Revision 1 has been released for public comment. [...] _____________________________________________________ Did a friend send you this article? Make it your New Year's Resolution to subscribe to InfoSec News! http://www.infosecnews.org/mailman/listinfo/isnReceived on Mon Jan 09 2012 - 23:48:02 PST
This archive was generated by hypermail 2.2.0 : Mon Jan 09 2012 - 23:50:00 PST