...
Security Analysis Solution is built completely around the SCAP standard, allowing customers to import and manage their XCCDF benchmarks (checklists) which are used for assessing their computers.
Acronyms
Acroynm | Name | Description | More Detail | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Security Content Automation Protocol | Specification for expressing and manipulating security data in standardized ways that allow machine-readable assessment and misconfiguration remediation. | |||||||
| Open Vulnerability and Assessment Language | XML specification for exchanging technical details on how to check systems for security-related software flaws, configuration issues and patches. | |||||||
| eXtensible Configuration Checklist Description Format | XML-based specification for structured collections of security configuration rules. | |||||||
| Common Platform Enumeration | Naming convention for hardware, OS and application products. | |||||||
| Common Vulnerability Enumeration Vulnerabilities and Exposures | Dictionary of publicly-known security-related software flaws. | |||||||
| Common Configuration Enumeration | Dictionary of software security configuration issues. | |||||||
| Common Vulnerability Scoring System | Method for classifying characteristics of software flaws and assigning severity scores based on these characteristics. |
Compliance
Security Analysis Solution supports:
Standard | Supported Versions |
|---|---|
SCAP | 1.0 - 1.1 |
OVAL | 5.3 - 5.9 |
XCCDF | 1.0 - 1.4 - 1.2 4 |
CCE | 5.0 |
CPE | 2.2 |
CVSS | 2.0 |
Implementation
XCCDF
Security Analysis Solution provides the way to import and export SCAP content in the form of XCCDF benchmarks. These benchmarks can be downloaded from external sources, imported from a file or built by using any SCAP content editor tool. Profiles are contained within these benchmarks and are used within policies to perform assessments and remediation for managed computers.
See Also:
CPE
Security Analysis Solution utilizes CPEs for building target filters of managed computers. After a profile is imported, the server will analyze the CPEs that are related to that profile and perform an applicability test to determine which CPEs apply to the managed computers. From this analysis, target filters will be created and made available for targeting policies. These filters are used to define the default set of computers that a policy will apply to when building a policy and can be further refined within the policy.
See Also:
CVE
A CVE represents a published software flaw or vulnerability, which many software vendors maintain to help mitigate risk associated with their software. CVE references are used within profiles to assess the vulnerability of computers. Security Analysis Solution imports CVEs that are referenced in profiles and associates these entities within the CMDB. It also stores analysis results of computers, providing detailed reports and actionable events to help system administrators quickly and centrally control these vulnerabilities.