Security Content Automation Protocol (SCAP) Compliance Checker

SSC Atlantic

The SCAP Compliance Checker (SCC) is a Security Content Automation Protocol (SCAP) validated application developed by Space and Naval Warfare (SPAWAR) Systems Center Atlantic.

Standards Supported:	Platforms Supported:
SCAP Version: 1.0	Windows XP & Server 2003
OVAL Version: 5.10.1	Windows Vista & Server 2008
XCCDF Version: 1.1.4	Windows 7 & Server 2008 R2
CPE Version: 2.2	Solaris 10
CCE Version: 5.0	Red Hat Enterprise Linux 4 & 5
OCIL Version: 2.0	Debian Linux 5 & 6
DOD ARF Version: 0.41
Cyberscope Version: 1.0.0 Early Access Release

Primary Features:

No per seat license costs for Federal government/contractor computers
Performs compliance scanning using SCAP content
Performs vulnerability scanning using OVAL content
Performs manual interview checks using OCIL content
Creates XCCDF XML results
Creates OVAL XML results
Creates ARF XML results
Creates Cyberscope Autofeed XML results
Creates HTML and text based single computer reports
Creates HTML and spreadsheet based multi-computer summary reports
Allows for installation of custom SCAP and OVAL content
Allows for automatic downloading of updated patch content from Internet/Intranet
Allows for organizational deviations
Allows for organizationally defined compliance thresholds
Has graphical and command line interfaces
Native executables per platform (no runtime requirements such as Java)

References:

NIST USGCB

NIST SCAP

Credits:

The SCC was developed for and funded by the Internal Revenue Service and the National Security Agency.
OVAL, CPE, CVE and CCE are registered trademarks of the MITRE Corporation.

Latest Software Release: Version: 3.0.1
Release Date: March 30, 2012

SCC is available for any government employee or contractor to the US government.

For Department of Defense (DOD) users with a valid Common Access Card (CAC), the software can be downloaded directly from DISA: http://iase.disa.mil/stigs/scap/index.html then click "SCAP Tools"

To be notified of any software updates to SCC, please email: ssc_lant-scc@navy.mil

For non DOD users, the software can be requested by emailing: ssc_lant-scc@navy.mil

Checksum information for software

Quick Links

No Fear Act | Work Status | Accessibility

FOIA | Fraud, Waste, & Abuse | Security & Privacy

USA.gov | This is an official United State Navy Website.

Contact Webmaster

This US Government system is subject to monitoring. Please review the Privacy Policy.

The appearance of external hyperlinks does not constitute endorsement by the United States Department of Defense, the United States Department of the Navy and the Space and Naval Warfare Systems Command (SPAWAR) of the linked web sites, or the information, products or services contained therein. For other than authorized activities such as military exchanges and Morale, Welfare and Recreation (MWR) sites, the United States Department of Defense, the Department of the Navy and the Space and Naval Warfare Systems Command does not exercise any editorial control over the information you may find at these locations. Such links are provided consistent with the stated purpose of this DoD web site.

In order to provide our customers with the best information more effectively, the SPAWAR Enterprise Public Website has undergone several recent revisions. We welcome your comments regarding revisions or other issues. Click Here to submit feedback.

Updated: 5/15/2012 12:01 PM EST Published (11.0)