Security Content Automation Protocol [SCAP] Law and Legal Definition
The Security Content Automation Protocol (SCAP) is a technique for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation. The SCAP works as a suite of open standards that enumerates software flaws, security related configuration issues, and product names; measures systems to determine the presence of vulnerabilities; and provides mechanisms to rank (score) the results of these measurements in order to evaluate the impact of the discovered security issues. The National Vulnerability Database (NVD) is the U.S. government content repository for SCAP.