SCAP Settings in Tenable Vulnerability Management Scans
Security Content Automation Protocol (SCAP) is an open standard that enables automated management of vulnerabilities and policy compliance for an organization. SCAP relies on multiple open standards and policies, including OVAL, CVE, CVSS, CPE, and FDCC policies.
Tenable Vulnerability Management allows you to add SCAP (and OVAL) compliance checks to your scans. You can only configure SCAP settings when you use the SCAP and OVAL Auditing scan template.
Caution: SCAP scans in Tenable Vulnerability Management are unverified.
You can select Linux (SCAP), Linux (OVAL), Windows (SCAP), or Windows (OVAL). The following table describes each option's settings:
Setting | Default Value | Description |
---|---|---|
Linux (SCAP) or Windows (SCAP) | ||
SCAP File | None | A valid zip file that contains full SCAP content. For versions 1.0 and 1.1, the file contains XCCDF, OVAL, and CPE; for version 1.2, it contains a DataStream. |
SCAP Version | 1.2 | The SCAP version that is appropriate for the content in the uploaded SCAP file. |
SCAP Data Stream ID | None | (SCAP Version 1.2 only) The data-stream id that you copied from the SCAP XML file. Example: `<data-stream id="scap_gov.nist_datastream_USGCB-Windows-10-1.2.3.1.zip">` |
SCAP Benchmark ID | None | The Benchmark id that you copied from the SCAP XML file. Example: `<xccdf:Benchmark id="xccdf_gov.nist_benchmark_USGCB-Windows-7">` |
SCAP Profile ID | None | The Profile id that you copied from the SCAP XML file. Example: `<xccdf:Profile id="xccdf_gov.nist_profile_united_states_government_configuration_baseline_version_1.2.3.1">` |
OVAL Result Type | Full results w/ system characteristics | The information you want the results file to include. The results file can be one of the following types: Full results with system characteristics, Full results without system characteristics, or Thin results. |
Linux (OVAL) or Windows (OVAL) | ||
OVAL definitions file | None | A valid zip file that contains OVAL standalone content. |
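
The Data Stream ID, Benchmark ID, and Profile ID values in the table can be listed directly from the SCAP zip before you upload it. The following is an added example, not Tenable code: the sample content and its `org.example` ids are constructed, and matching elements by local name (ignoring the namespace) is an assumption made so the same script reads both XCCDF 1.1 and 1.2 content.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Constructed sample: a minimal SCAP 1.2 data stream with made-up org.example ids.
SAMPLE_XML = """\
<ds:data-stream-collection xmlns:ds="http://scap.nist.gov/schema/scap/source/1.2"
                           xmlns:xccdf="http://checklists.nist.gov/xccdf/1.2">
  <ds:data-stream id="scap_org.example_datastream_sample"/>
  <ds:component id="scap_org.example_comp_xccdf">
    <xccdf:Benchmark id="xccdf_org.example_benchmark_sample">
      <xccdf:Profile id="xccdf_org.example_profile_baseline"/>
      <xccdf:Profile id="xccdf_org.example_profile_strict"/>
    </xccdf:Benchmark>
  </ds:component>
</ds:data-stream-collection>
"""

def local(tag):
    """Drop the '{namespace}' prefix ElementTree puts on element names."""
    return tag.rsplit("}", 1)[-1]

def scap_ids(zip_bytes):
    """List data-stream, Benchmark and Profile ids in each XML member of a zip."""
    found = {"data_streams": [], "benchmarks": {}}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for name in zf.namelist():
            if not name.lower().endswith(".xml"):
                continue
            root = ET.fromstring(zf.read(name))
            for el in root.iter():
                kind = local(el.tag)
                if kind == "data-stream":
                    found["data_streams"].append(el.get("id"))
                elif kind == "Benchmark":
                    # Profiles are direct children of their Benchmark.
                    found["benchmarks"][el.get("id")] = [
                        p.get("id") for p in el if local(p.tag) == "Profile"]
    return found

def build_sample_zip():
    """Zip the constructed sample in memory, standing in for a real SCAP file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("sample-ds.xml", SAMPLE_XML)
    return buf.getvalue()

if __name__ == "__main__":
    print(scap_ids(build_sample_zip()))
```

For a real SCAP file, pass the bytes of the zip (for example, read with `open(path, "rb")`) to `scap_ids` and copy the ids it reports into the matching scan settings.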