Home

Introduction

Arellia Security Analysis Solution (SAS) provides a way to identify security configuration issues and vulnerabilities to software flaws published by software vendors. SAS is based on industry standards that are embraced by a number of large corporations, the U.S. military and other federal agencies, and make up a standard measurement system used to help determine the overall security of an organization's computing devices.

SAS leverages the Security Content Automation Protocol (SCAP), Open Vulnerability and Assessment Language (OVAL), eXtensible Configuration Checklist Document Format (XCCDF), and many other related standards maintained by the Computer Security Division of the National Institute of Standards and Technology (NIST).

SAS allows customers to import SCAP configurations and assess managed computers against those configurations. It also is built on the Arellia Management Server, and provides the following features:

  • Ways to remediate misconfigured settings
  • Rich reporting
  • Actionable remediation to threats