SCC is a SCAP Validated Authenticated Configuration Scanner, with support for SCAP versions 1.0, 1.1, 1.2 and 1.3.
- Windows 10
- Windows Server 2012, 2012 R2, 2016, 2019
- Red Hat Enterprise Linux 6, 7, 8
- Solaris 10 & 11 (x86 and SPARC)
- Ubuntu 16.04, 18.04
- SUSE Linux Enterprise 12, 15
- Oracle Linux 7, 8
- Mac OS X (x64)
- Raspbian Linux 8, 10 (armv71)
- Cisco IOS & IOS XE
- Performs authenticated configuration scanning using SCAP content
- Supports local and remote scanning of Windows and Linux/Solaris/Mac OS X
- Supports Cisco IOS and IOS XE with offline configuration scanning and SSH based scanning
- Has graphical and command line interfaces
- Native executables per platform
Obtaining the Software
Starting with version 5.4, SCC is publicly available and can be downloaded from Defense Information Systems Agency (DISA).
There are a series tutorials for SCC which can be viewed at:
- SCAP: 1.0
- Validated February 25, 2009
- SCAP 1.1
- SCAP 1.2
- Validated August 26, 2016
- SCAP 1.3
- SCAP 1.3 Validation by an independent lab is scheduled for completion in 2021.
SCC was originally funded by the Internal Revenue Service (IRS) with later funding from the National Security Agency (NSA), and is currently funded by DISA.