SSA (Security System Analyzer) is a non-intrusive OVAL-Compatible policy
compliance and vulnerability assessment software. It provides auditors and
security officers a comprehensive solution to keep pace with security
compliance requirements (patch management, vulnerability management,
software inventories...)
Changelog for v.1.5.2
- Based on OVAL 5.3 build 20 (see OVAL project for more information)
- SSA now supports SCAP (Security Content Automation Protocol -
http://nvd.nist.gov/scap.cfm). The XML SCAP files are extracted using our
new SCAP Parser (SCAP_Patch_Extractor). The coming release of SSA should
be completely compatible with XCCDF (http://nvd.nist.gov/xccdf.cfm) .
- SSA now supports scan for missed patches (using SCAP format)
* Added Windows XP Patches definition file
* Added Windows Vista Patches definition file
* Added Windows 2000 Patches definition file
* Added Office 2007 Patches definition file
* Added Internet explorer 7 patches definition file
- Updated OVAL XML Viewer Plugin
* Updated database to 2039 definitions
* Added support to CVE search (ex: CVE-2007-* will return all CVEs in
2007 used along with their appropriate OVALids.)
* Bugs fixed
Documentation for 1.5.2 should be available by the end of the week.
Download it for free at www.security-database.com/ssa.php
Any suggestions, please report it to ssa@security-database.com.
Regards
Nabil OUCHN
Security-Database.com
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Swap Out your SPI or Watchfire app sec solution for
Cenzic's robust, accurate risk assessment and management
solution FREE - limited Time Offer
http://www.cenzic.com/c/wf-spi
------------------------------------------------------------------------
