The National Institute of Standards and Technology has released a suite of tools to help automate vulnerability management and evaluate compliance with federal IT security requirements. It is an automated checklist that using a collection of recognized standards for naming software flaws and configuration problems in specific products.