Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Standards

Security Analysis Solution is built completely around the SCAP standard, allowing customers to import and manage their XCCDF benchmarks (checklists) which are used for assessing their computers.

Acronyms

Acroynm

Name

Description

SCAP

Security Content Automation Protocol

Specification for expressing and manipulating security data in standardized ways that allow machine-readable assessment and misconfiguration remediation.

OVAL

Open Vulnerability and Assessment Language

XML specification for exchanging technical details on how to check systems for security-related software flaws, configuration issues and patches.

XCCDF

eXtensible Configuration Checklist Description Format

XML-based specification for structured collections of security configuration rules.

CPE

Common Platform Enumeration

Naming convention for hardware, OS and application products.

CVE

Common Vulnerability Enumeration

Dictionary of publicly-known security-related software flaws.

CCE

Common Configuration Enumeration

Dictionary of software security configuration issues.

CVSS

Common Vulnerability Scoring System

Method for classifying characteristics of software flaws and assigning severity scores based on these characteristics.

Compliance

Security Analysis Solution supports:

Standard

Supported Versions

SCAP

1.0 - 1.1

OVAL

5.3 - 5.9

XCCDF

1.1.4 - 1.2

CCE

5.0

CPE

2.2

CVSS

2.0

  • No labels