SecPod Technologies announces the hosting of a beta version of the SCAP Repo that lets one search for and manage SCAP related content.
The SCAP Repo consolidates multiple repositories of SCAP content (CVE, CPE, CCE, CWE, OVAL, XCCDF) into one convenient repository. The information is searchable with a web based, natural language interface. Following are just a few examples of typical “long hand” and abbreviated search queries:
- What are the important threats? (important threats)
- What are yesterday’s CVEs? (yesterday cve)
- What is the Microsoft bulletin content? (microsoft bulletin)
- What CVEs have CVSS score greater than 9.3? (cves with cvss greater than 9.3)
- What Adobe CVEs have CVSS score greater than 8? (adobe cves with cvss greater than 8)
- What are the Google Chrome Mac OVAL definitions? (google chrome mac oval)
- What is the OVAL definition for CVE-2011-1234? (oval cve-2011-1234)
Additionally, it is possible to search based on:
- SCAP IDs (CVE, CCE, CPE, CWE, OVAL and XCCDF)
- Reference ID’s like BID, DSA, CESA, Fedora…
The SCAP Repo can be used as an organizational content server that manages content relevant to a specific environment. And it can be used as a content subsystem for Continuous Monitoring solutions.
SecPod also offers an SCAP Content Professional Feed that provides broad and comprehensive content coverage on a subscription basis. The SecPod SCAP Feed is fully supported with continuous updates. The feed can be used with or independent from the SCAP Repo.