SCAP is a method for using specific standards to enable the automated vulnerability management, measurement, and policy compliance evaluation of systems deployed in an organization, including e.g., FISMA compliance. The National Vulnerability Database (NVD) is the U.S. government content repository for SCAP. This page shows you the list of SCAPs that are actively tracked by this website. These SCAPs will be updated on at least a quarterly basis, dependant upon the releases DISA makes.