diff --git a/cmake/SapiDeps.cmake b/cmake/SapiDeps.cmake
index 8bf9e65..1249530 100644
--- a/cmake/SapiDeps.cmake
+++ b/cmake/SapiDeps.cmake
@@ -42,6 +42,13 @@ if(SAPI_DOWNLOAD_ABSL)
 endif()
 check_target(absl::core_headers)
 
+if(SAPI_DOWNLOAD_LIBCAP)
+  include(cmake/libcap/Download.cmake)
+  check_target(libcap::libcap)
+else()
+  find_package(Libcap REQUIRED)
+endif()
+
 if(SAPI_DOWNLOAD_LIBUNWIND)
   include(cmake/libunwind/Download.cmake)
 endif()
@@ -66,7 +73,6 @@ else()
   find_package(Protobuf REQUIRED)
 endif()
 
-find_package(Libcap REQUIRED)
 find_package(Libffi REQUIRED)
 if(SAPI_ENABLE_EXAMPLES)
   find_package(ZLIB REQUIRED)
diff --git a/cmake/SapiOptions.cmake b/cmake/SapiOptions.cmake
index 2e2d40e..4df00a9 100644
--- a/cmake/SapiOptions.cmake
+++ b/cmake/SapiOptions.cmake
@@ -26,8 +26,8 @@ option(SAPI_DOWNLOAD_GFLAGS "Download gflags at config time" ON)
 option(SAPI_DOWNLOAD_GLOG "Download glog at config time" ON)
 option(SAPI_DOWNLOAD_PROTOBUF "Download protobuf at config time" ON)
 option(SAPI_DOWNLOAD_LIBUNWIND "Download libunwind at config time" ON)
-# TODO(cblichmann): These two are not currently implemented
 option(SAPI_DOWNLOAD_LIBCAP "Download libcap at config time" ON)
+# TODO(cblichmann): Not currently implemented
 option(SAPI_DOWNLOAD_LIBFFI "Download libffi at config time" ON)
 
 option(SAPI_ENABLE_EXAMPLES "Build example code" ON)
diff --git a/cmake/libcap/CMakeLists.txt.in b/cmake/libcap/CMakeLists.txt.in
new file mode 100644
index 0000000..4460095
--- /dev/null
+++ b/cmake/libcap/CMakeLists.txt.in
@@ -0,0 +1,27 @@
+# Copyright 2019 Google LLC. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+cmake_minimum_required(VERSION 3.12)
+project(libcap-download NONE)
+
+include(ExternalProject)
+ExternalProject_Add(libcap
+  URL https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/libcap-2.27.tar.gz
+  URL_HASH SHA256=260b549c154b07c3cdc16b9ccc93c04633c39f4fb6a4a3b8d1fa5b8a9c3f5fe8 # 2019-04-16
+  SOURCE_DIR        "${CMAKE_BINARY_DIR}/libcap-src"
+  CONFIGURE_COMMAND ""
+  BUILD_COMMAND     ""
+  INSTALL_COMMAND   ""
+  TEST_COMMAND      ""
+)
diff --git a/cmake/libcap/Download.cmake b/cmake/libcap/Download.cmake
new file mode 100644
index 0000000..ab93dc2
--- /dev/null
+++ b/cmake/libcap/Download.cmake
@@ -0,0 +1,88 @@
+# Copyright 2019 Google LLC. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Downloads and unpacks libunwind at configure time
+
+set(workdir "${CMAKE_BINARY_DIR}/libcap-download")
+
+configure_file("${CMAKE_CURRENT_LIST_DIR}/CMakeLists.txt.in"
+               "${workdir}/CMakeLists.txt")
+execute_process(COMMAND ${CMAKE_COMMAND} -G "${CMAKE_GENERATOR}" .
+                RESULT_VARIABLE error
+                WORKING_DIRECTORY "${workdir}")
+if(error)
+  message(FATAL_ERROR "CMake step for ${PROJECT_NAME} failed: ${error}")
+endif()
+
+execute_process(COMMAND ${CMAKE_COMMAND} --build .
+                RESULT_VARIABLE error
+                WORKING_DIRECTORY "${workdir}")
+if(error)
+  message(FATAL_ERROR "Build step for ${PROJECT_NAME} failed: ${error}")
+endif()
+
+set(_cap_src "${CMAKE_BINARY_DIR}/libcap-src")
+
+set(libcap_INCLUDE_DIR ${_cap_src}/libcap/include)
+
+add_custom_command(OUTPUT ${_cap_src}/libcap/cap_names.list.h
+  VERBATIM
+  # Use the same logic as libcap/Makefile
+  COMMAND sed -ne [=[/^#define[ \\t]CAP[_A-Z]\+[ \\t]\+[0-9]\+/{s/^#define \([^ \\t]*\)[ \\t]*\([^ \\t]*\)/\{\"\1\",\2\},/p;}]=]
+              ${_cap_src}/libcap/include/uapi/linux/capability.h |
+          tr [:upper:] [:lower:] > ${_cap_src}/libcap/cap_names.list.h
+)
+
+add_executable(libcap_makenames
+  ${_cap_src}/libcap/cap_names.list.h
+  ${_cap_src}/libcap/_makenames.c
+)
+target_include_directories(libcap_makenames PUBLIC
+  ${_cap_src}/libcap
+  ${_cap_src}/libcap/include
+  ${_cap_src}/libcap/include/uapi
+)
+
+add_custom_command(OUTPUT ${_cap_src}/libcap/cap_names.h
+  COMMAND libcap_makenames > ${_cap_src}/libcap/cap_names.h
+)
+
+add_library(cap STATIC
+  ${_cap_src}/libcap/cap_alloc.c
+  ${_cap_src}/libcap/cap_extint.c
+  ${_cap_src}/libcap/cap_file.c
+  ${_cap_src}/libcap/cap_flag.c
+  ${_cap_src}/libcap/cap_names.h
+  ${_cap_src}/libcap/cap_proc.c
+  ${_cap_src}/libcap/cap_text.c
+  ${_cap_src}/libcap/include/uapi/linux/capability.h
+  ${_cap_src}/libcap/libcap.h
+)
+add_library(libcap::libcap ALIAS cap)
+target_include_directories(cap PUBLIC
+  ${_cap_src}/libcap
+  ${_cap_src}/libcap/include
+  ${_cap_src}/libcap/include/uapi
+)
+target_compile_options(cap PRIVATE
+  -Wno-tautological-compare
+  -Wno-unused-result
+)
+target_compile_definitions(cap PRIVATE
+  # Work around sys/xattr.h not declaring this
+  -DXATTR_NAME_CAPS="\"security.capability\""
+)
+target_link_libraries(cap PRIVATE
+  sapi::base
+)