Re: computer/vulnerability database



Jerry, I'm not sure if this is what you're looking for (as I didn't
really grasp your question) but OpenFISMA may apply. It's targeted at
a US Govt Federal audience but it's concepts may be very applicable
for you regardless. OpenFISMA is what an organization would use to
keep track of their vulnerabilities and how they're addressing the
issues AFTER they have already been identified.

http://www.openfisma.org/

Matt Z

On Fri, Jan 9, 2009 at 8:01 AM, Shenk, Jerry A
<jshenk@xxxxxxxxxxxxxxxxxxxx> wrote:
Does anybody have any thoughts about a database for an audit to contain
current vulnerability issues and subsequent updates?

I imagine that it should have at least two tables - one table for
computers and another table for vulnerabilities. Obviously, each
computer can have multiple vulnerabilities and it would be nice to be
able to generate a report for each vulnerability. I also think it would
be good to have the ability to note when vulnerabilities are resolved as
an additional note.


**DISCLAIMER
This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received this communication in error, please notify the sender and delete this e-mail message. The contents do not represent the opinion of D&E except to the extent that it relates to their official business.






Relevant Pages

  • Re: SPAM from Microsoft
    ... > infected computers are the truly clueless. ... > SUBJECT: Latest Network Security Pack ... > as well as three newly discovered vulnerabilities. ... > BLAH BLAH BLAH ...
    (microsoft.public.security)
  • Re: WMF Windows security flaw - change your browser
    ... >> Edition critically affected by one or more of the vulnerabilities that ... Although Windows 98, Windows 98 Second Edition, and Windows ... >Just another way to force users of older versions to upgrade. ... Most people who use older computers are not satisfied with using older ...
    (rec.audio.pro)
  • Re: How to avoid remote software installations?
    ... If these things are being installed by using vulnerabilities on your ... advantage of a vulnerability on the computers, ... You can make your computers safer without using a firewall, ... > Someone is installing VNC, MIRC and other software in some computers in my ...
    (microsoft.public.win2000.security)
  • computer/vulnerability database
    ... current vulnerability issues and subsequent updates? ... I imagine that it should have at least two tables - one table for ... computers and another table for vulnerabilities. ...
    (Pen-Test)