ACAS

ACAS (Assured Compliance Assessment Solution) is the DoD's enterprise vulnerability scanning and management tool suite. Built on Tenable technology (Nessus and Tenable Security Center), ACAS identifies vulnerabilities, misconfigurations, and compliance issues across DoD networks and systems.

ACAS scans produce findings that must be tracked, prioritized, and remediated. The scan results feed into the system's risk posture and are reviewed during CORA inspections and RMF assessments. Regular ACAS scanning is required for all DoD systems.