We use proprietary and third party's cookies to improve your experience and our services, identifying your Internet Browsing preferences on our website; develop analytic activities and display advertising based on your preferences. If you keep browsing, you accept its use. You can get more information on our Cookie Policy
Cookies Policy
Vulnerabilities OVAL scanner.THALES - FIWARE Forge Wiki

Vulnerabilities OVAL scanner.THALES

From FIWARE Forge Wiki

Jump to: navigation, search

Contents

Brief description

Open Vulnerability and Assessment Language (OVAL™) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL™ includes a language used to encode system details, and an assortment of content repositories held throughout the community. The language standardizes the three main steps of the assessment process: representing configuration information of systems for testing; analyzing the system for the presence of the specified machine state (vulnerability, configuration, patch state, etc.); and reporting the results of this assessment. Source : oval.mitre.org.

Programming artefacts

to Perform a deep inventory audit on installed softwares and applications; to scan and map vulnerabilities using non-intrusive techniques based on schemas, to detect and identify missed patches and hotfixes; to define a patch management deployment strategy using CVSS scores

The language standardizes the three main steps of the assessment process : Representing configuration information of systems for testing; Analyzing the system for the presence of the specified machine state (vulnerability, configuration, patch state, etc.) and Reporting the results of this assessment.

Technologies Used

Open Vulnerability and Assessment Language (OVAL™)

Runtime pre-requisites

Windows and Linux environments

IPR

free non-intrusive OVAL-Compatible software (Open source licence)

Publicly available

Personal tools
Create a book