XCCDF
   HOME

TheInfoList



Click Here for Items Related To - XCCDF
OR:
XCCDF on:   [Wikipedia]   [Google]   [Amazon]

The Extensible Configuration Checklist Description Format (XCCDF) is an
XML Extensible Markup Language (XML) is a markup language and file format for storing, transmitting, and reconstructing data. It defines a set of rules for encoding electronic document, documents in a format that is both human-readable and Machine-r ...
format specifying
security checklist Security is protection from, or resilience against, potential harm (or other unwanted coercion). Beneficiary, Beneficiaries (technically referents) of security may be persons and social groups, objects and institutions, ecosystems, or any other e ...
s, benchmarks and configuration documentation. XCCDF development is being pursued by
NIST The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into physical s ...
, the
NSA The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense, under the authority of the director of national intelligence (DNI). The NSA is responsible for global monitoring, collection, and proces ...
,
The MITRE Corporation The Mitre Corporation (stylized as The MITRE Corporation and MITRE) is an American not-for-profit organization with dual headquarters in Bedford, Massachusetts, and McLean, Virginia. It manages federally funded research and development centers ...
, and the
US Department of Homeland Security The United States Department of Homeland Security (DHS) is the U.S. federal executive department responsible for public security, roughly comparable to the interior, home, or public security ministries in other countries. Its missions involv ...
. XCCDF is intended to serve as a replacement for the security hardening and analysis documentation written in prose. XCCDF is used by the
Security Content Automation Protocol The Security Content Automation Protocol (SCAP) is a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation of systems deployed in an organization, including e.g., Federal ...
.


References

{{Reflist


External links


XCCDF Homepage

XCCDF 1.1.2 specification

XCCDF 1.1.3 specification

XCCDF 1.1.4 specification

XCCDF 1.2 specification
(current as of October 2011) Checklists XML-based standards Computer security software