How to import a SCAP policy from our library
You need a Security Content Automation Protocol (SCAP) policy to evaluate hosts for SCAP compliance. You can get a policy by importing one from our library. These policies comply with the National Institute of Standards and Technology (NIST) standards.
Tell me about user permissionsTell me about user permissions
The SCAP application must be enabled for the subscription. Managers and Auditors have permissions to create and edit SCAP policies.
How to import a policy
Go to PA > Policies and select New > Import SCAP Policy. Click Import for the policy you want. Ensure to assign relevant hosts (for example, assign Windows 7 hosts to a Windows 7 policy).
You must assign at least one asset group to the policy to scan it.
Tell me about SCAP contentTell me about SCAP content
SCAP content is compliant with SCAP 1.0 and 1.2 specifications defined by NIST.
SCAP 1.1/1.0 content consists of these files: XCCDF Content, CPE OVAL Definitions, CPE 2.0 Dictionary, OVAL Compliance Definitions. This file is optional: OVAL Patch Definitions.
SCAP 1.2 content consists of a single file: SCAP source data stream.
Looking for something else?
Is my new policy ready to use?Is my new policy ready to use?
Once a selected policy is in your list and you have assigned assets to it, you are ready to start scanning. You notice that when you launch a SCAP scan, you can select the policy from the SCAP Policy menu. To get information on your policy, hover over the policy and select Info from the Quick Actions menu.
Can I create my own policies?Can I create my own policies?
Yes. You can create custom SCAP policies by uploading your own SCAP content. Learn more
Select a policy from your policies list and check out the preview pane. You can see the generated date (when the content was originally created/officially published) and the last updated date (when the policy was created/modified).