A source for vulnerability, inventory, patch detection and compliance verification modules served through SecPod OVAL Repository.
SecPod Technologies, a Bangalore, India based Information Security company announces the release of OVAL Definitions Professional Feed. OVAL,an Open Vulnerability and Assessment Language, is an information security standard to assess and report upon the machine state of computer systems, for the purpose of vulnerability assessment, configuration management, patch management and policy compliance.
The feed is available on a subscription model for both vendors (Redistributable License) and end users (EULA). The feed covers majority of the CVEs, including vulnerability and patch definitions, with daily updates and enables automatic synchronization with product’s repository.
“Security product vendors have a challenge to keep their products updated with the checks necessary to detect the latest vulnerabilities, patches, manage assets and their compliance to security policies”, said Chandrashekhar, CEO and Founder of SecPod Technologies. ”This feed, backed with professional support and driven through SLA will address the problem by offering high quality security content in a standard format for easy integration with vendor products. Additionally, end users who use freely available OVAL Interpreter can also subscribe to the feed.”
SecPod supports open source projects and standards as is also evident in OpenVAS and pledges the support for OVAL in the form of contribution to the publicly available OVAL Repository and to the OVAL Interpreter, mainly helping to evolve OVAL as a language. The public repository is a community driven effort to promote OVAL standard and SecPod being one of the Top Contributor to the repository intends to continue the support going forward in tandem with the professional feed.