SCAP Repository
SCAP Repository lets you search and manage SCAP content.
Repository Working
SecPod SCAP Repo architecture
SecPod SCAP Repo acting as Organizational Content Server, Authoritative Content Server and Tool vendor Content server
Why do we need a Repository?
There are many benefits to organizing and managing SCAP content in one repository.
For example:
- The repository can be searched to determine what content is and is not available
- A variety of reports can be generated and alerts can be issued, such as:
- List of most important CVE's for the past week
- OVAL definition coverage for SANS Top20
- Potential risks and risk coverage can be understood and assessed
- Since CVE detail is available locally there is no need to connect to NVD
Multiple SCAP repositories exist:
- MITRE OVAL Repository
- NIST Repository
- OS Vendor Repositories
- Product Vendors Content
- SecPod Repository
It is beneficial to aggregate content into one repository and manage locally.
Content Management:
- Global and Local Search for appropriate content – search and download specific content. For example, search for “PCI content” and download XCCDF, OVAL, CVE and CPE content related to PCI compliance.
- Import content – aggregate content into one repository from different locations.
- Content distribution across SCAP products within the organization – distribute specific content to specific SCAP enabled scanners. Or allow SCAP enabled scanners to automatically fetch specific content.
- Author/Customize content – tailor the content to organizational need.
|
|||
|
