Configuration Assessment using SCAP
ETVAS's Configuration Assessment capability compares your existing configuration against baselines from FDCC, USGCB, DISA, or the USGCB. Secure configuration is an economical method to reduce attack surface.
The Security Content Automation Protocol (SCAP) is a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation. ETVAS's SCAP capabilities include all the NIST-mandated output formats applicable to SCAP v.1.2 specifications for both OVAL-complaint Vulnerability, Patch and Software Inventory assessments, and XCCDF-compliant Configuration assessment. SCAP-compliant output can be generated to determine Pass/Fail results, as well as deliver reports according to the latest standards like Asset Reporting Format (ARF), XCCDF and Cyberscope report formats for FISMA compliance reporting.