Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Compliance Standards Overview

Paragon Automation follows the compliance standards and specifications defined by the National Institute of Standards and Technology (NIST), specifically the Security Content Automation Protocol (SCAP). Compliance documents follow the Extensible Configuration Checklist Description Format (XCCDF) specification defined using SCAP by NIST.

SCAP (pronounced ess-cap) is a suite of specifications for exchanging security automation content used to assess configuration compliance and to detect vulnerable versions of software. Multiple tools can use the same SCAP content to perform an assessment that the content describes.

The SCAP languages provide standard vocabularies and conventions for expressing security policy, technical check mechanisms, and assessment results. For more information about SCAP, see Security Content Automation Protocol at the NIST website.

Of the number of specifications available within the languages category, the XCCDF and the Open Vulnerability and Assessment Language (OVAL) are the primary specifications used in Paragon Automation.

XCCDF is an XML-based specification for writing security checklists, benchmarks, and related documents. An XCCDF document represents a structured collection of security configuration rules for a set of target systems.

The specification is designed to support information interchange, document generation, organizational and situational tailoring, automated compliance testing, and compliance scoring.

Paragon Automation monitors the devices and software to ensure that they comply with the security rules defined in the benchmarks and tailorings documents applied to the network.