NIST has released for public comment, a draft of SP 800-126, Rev. 2. As NIST explains,
SCAP consists of a suite of specifications for standardizing the format and nomenclature by which security software communicates information about software flaws and security configurations. SP 800-126 defines and explains SCAP version 1.2, including the basics of the SCAP component specifications and their interrelationships, the characteristics of SCAP content, and the SCAP requirements not defined in the individual component specifications.
Comments are due by August 1, 2011. Comments should be sent by email to 800-126comments@nist.gov with “Comments SP 800-126” in the subject line.
The draft of Sp 800-126 r2 is attached below.
Leave a Reply