SCAP Audit Summary Report

by Cody Dumont
May 22, 2014

The Security Content Automation Protocol (SCAP) is a mixture of community developed security specifications. With vast depth of knowledge amongst the community, SCAP has gained strength within the security automation community by ensuring a broad range of use cases are reflected in the SCAP functionality. The SCAP web site (http://scap.nist.gov) provides security professionals with information about both existing SCAP specifications and emerging specifications relevant to NIST's security automation agenda.   

The report and its components are available in the SecurityCenter Feed, an app store of dashboards, reports, and assets.  The report requirements are:

  • SecurityCenter 4.8
  • Nessus 5.2.6
  • SCAP supported packages such as: USGCB-rhel5desktop-1.2.5.0.zip & u_windows_7_v1r20_stig_benchmark.zip,

SecurityCenter users are able to embrace the NIST security automation agenda through more efficient use of devices with SCAP audit file support, and advanced reporting using the dashboards and reports native to SecurityCenter.

Chapters

The Executive Summary contains a series of components to provide an overview of the current SCAP compliance status. The components provide a high-level insight to Windows and Linux hosts in a comparative manner. 

The Window Summary chapter provides details on Windows compliance. The chapter contains four sections; the first provides a network summary of compliance checks. The following sections contain the compliance check and IP details for all compliance checks identified. Each section provides focus on a compliance result, either passed, failed, or manual verification. 

The Linux Summary chapter provides details on Linux compliance. The chapter contains four sections; the first provides a network summary of compliance checks. The following sections contain the compliance check and IP details for all compliance checks identified. Each section provides focus on a compliance result, either passed, failed, or manual verification.