The National Institute of Standards and Technology published Sept. 29 an update to the Technical Specification for the Security Content Automation Protocol, or SCAP. SP 800-126 Version 1.2 (.pdf) builds on the draft version of the document, published in July, and the feedback collected during the comment period, which closed Aug. 1.
The suite of specifications aims to standardize system security management, promote the interoperability of security products and foster the standard expressions of security content, according to NIST. Federal agencies, in cooperation with academia and private industry, are adopting SCAP.
via FierceGovernmentIT, continued here.