From: NIST
Dear Security Automation Community,
So that the community can plan in advance for upcoming validation requirements, NIST is announcing the revised SCAP validation program slated for late FY11 Q4/ early FY12 Q1.
The new validation program constitutes a significant expansion in test bundle content to exercise the various specification constructs of greatest interest to the operational and planned use cases pertaining to community and government interest. NIST will also provide a public test suite for vendors and developers of products that use SCAP to test and calibrate their implementations according to SCAP 1.2 specifications prior to entering formal laboratory validation.
The planned list of improvements to SCAP 1.2 is provided that the following link: http://scap.nist.gov/revision/1.2/. An updated Derived Test Requirements document (NIST IR 7511), will be released in the near future to clearly define the SCAP 1.2 requirements as they pertain to validation testing.
NIST will be discussing these and other improvements to SCAP at the upcoming Security Automation Developer Days in Bedford, Mass. on June 14th-17th and additional workshops which will be announced in the near future.
—
John Banghart
National Institute of Standards and Technology
(301) 975-8514
john.banghart@nist.gov
Leave a Reply