OVAL reports
is there any way to to remediate the vulnerabilities found in oval report or is only for viewing purposes
0 Comments
[ + ] Show comments
Answers (2)
Please log in to answer
Posted by:
airwolf
14 years ago
OVAL = Open Vulnerability and Assessment Language
It is for reporting purposes only. You may be able to remediate some of the issues using KBOX Scripting.
It is for reporting purposes only. You may be able to remediate some of the issues using KBOX Scripting.
Posted by:
nshah
14 years ago
Hi,
As stated it is for reporting only and you can use scripting to fix issues but more commonly Patching is used to apply patches that match the CVE number associated to the vulnerability and to the Patch. I would recommend using the OVAL information to target your most exposed systems with the KBOX patching engine and rerun the OVAL scan to see if the number of vulnerabilities have gone down.
*remember the OVAL scan is intrusive so you may not want to run it during business hours.
As stated it is for reporting only and you can use scripting to fix issues but more commonly Patching is used to apply patches that match the CVE number associated to the vulnerability and to the Patch. I would recommend using the OVAL information to target your most exposed systems with the KBOX patching engine and rerun the OVAL scan to see if the number of vulnerabilities have gone down.
*remember the OVAL scan is intrusive so you may not want to run it during business hours.
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.
