PaulDotCom mailing list archives

Re: Vulnerability Tracking & Management

From: Ben Jackson <bbj () mayhemiclabs com>
Date: Fri, 11 Feb 2011 08:48:03 -0500

On Thu, Feb 10, 2011 at 3:13 PM, Zate <zate75 () gmail com> wrote:

Largest problem is no standard reporting format between those tools.  Next
version of Seccubus is aiming to implement IVIL which is a xml format that
seeks to be a common format that security tools can output to.


I'm can't speak with certainty about all of the tools listed, but I
wouldn't be surprised if most of these can send data in Qualys format.
I know thats how my SIEM vendor and scanning vendor suggests
importing/exporting data to "unsupoorted" tools. I've been told it's
kind of a lingua franca in these cases. However, as always, YMMV.

-- 
Ben Jackson - Mayhemic Labs
bbj () mayhemiclabs com - http://www.mayhemiclabs.com - +1-508-296-0267
"Assume that what is in the power of one man to do, is in the power of another"
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

Vulnerability Tracking & Management Josh Little (Feb 10)
- Re: Vulnerability Tracking & Management Chesmore, Michael [DAS] (Feb 10)
  - Re: Vulnerability Tracking & Management Butturini, Russell (Feb 10)
    - Re: Vulnerability Tracking & Management Josh Little (Feb 10)
    - Re: Vulnerability Tracking & Management Mike Patterson (Feb 11)
    - Re: Vulnerability Tracking & Management Josh Little (Feb 11)
- Re: Vulnerability Tracking & Management Albert R. Campa (Feb 10)
- <Possible follow-ups>
- Re: Vulnerability Tracking & Management Kevin Shaw (Feb 10)
  - Re: Vulnerability Tracking & Management Zate (Feb 10)
    - Re: Vulnerability Tracking & Management Ben Jackson (Feb 11)