Tell me about the SCAP Scorecard Report

The SCAP Scorecard Report gives you a high-level summary of the current SCAP compliance status for a SCAP policy in your account.

At the top of the report you'll see a report summary with details like the policy selected for the report, the benchmark defined for the policy, the SCAP profile defined for the policy and the number of active hosts with SCAP compliance data.

How do you count active hosts?

Number of hosts in and out of compliance

Tell me about the version

Compliance status by asset group

Each asset group in the policy is listed with its compliance status (Pass or Fail).

Hosts in Compliance

Hosts Not in Compliance

Note - Hosts may be scanned successfully however the scanning engine did not evaluate all rules on the host for SCAP compliance. In this case, these hosts are counted as active hosts (because they were scanned successfully) but they are not counted in Hosts in Compliance or Hosts Not in Compliance. Rules in a SCAP policy that have one of these XCCDF test results on a host are not evaluated: "notapplicable", "notchecked", "notselected" or "informational".

Compliance status by rule

Each rule in the policy is listed with its compliance status.

Hosts in Compliance

Hosts Not in Compliance

How to view CCE information and mappings

In the Rules Summary section of your report, we'll show you current CCE IDs for each rule, as defined in the SCAP policy. Click on any CCE ID to get additional information, including mappings to NIST SP 800-53 control identifiers. These appear under References. Please note that CCE IDs will be displayed only if they are specified in the SCAP data stream.

What are CCE4 IDs?