Snort mailing list archives

BASE and Bigfix part 2


From: "Jefferson, Shawn" <Shawn.Jefferson () bcferries com>
Date: Tue, 28 Sep 2010 10:42:17 -0600

I don't know if anybody is interested or not, but I finished the second (and probably last) part of integrating Bigfix 
with BASE.  In the Unique IP Links (I chose this screen because I tend to use it to view the alerts, and I didn't want 
to bog things down when viewing a screen full of alerts), the fully qualified domain name is displayed in a red font if 
the CVE from the alert matches a CVE of a vulnerability that exists on the computer as reported by Bigfix.  This gives 
a quick visual indication for false positives (for me).

Now, I'd like to see the CVE tag used in the Emerging Threats rules where/if applicable, and some sort of integration 
with my Nessus scan results (although these are only done quarterly so have less relevance than the Bigfix results, 
which are practically real-time.)

Anyway, my hat's off to Kevin Johnson and the BASE team for doing BASE in the first place and making the BASE code so 
easy to hack on.  And of course the Bigfix folks, whose product is five kinds of awesome.

--
Shawn
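The correlation Shawn describes (the CVE reference on the alerting rule checked against the list of vulnerabilities Bigfix reports for the destination host, with the FQDN shown in red on a match), as an added Python sketch of the join logic; it is not BASE's PHP code, and the alert records, inventory, IPs and hostnames are constructed for the example.

```python
import html
import re

# Constructed sample data (not from the post): alerts as BASE would read them
# from the Snort database, each carrying its rule's "reference:" values.
ALERTS = [
    {"sid": 1, "dst_ip": "10.0.0.5", "refs": ["cve,2008-4250", "url,example.invalid/ms08-067"]},
    {"sid": 2, "dst_ip": "10.0.0.7", "refs": ["cve,2008-4250"]},
    {"sid": 3, "dst_ip": "10.0.0.9", "refs": ["bugtraq,12345"]},
]

# Constructed Bigfix-style inventory: IP -> FQDN plus the CVEs of the
# unremediated vulnerabilities Bigfix reports on that host.
INVENTORY = {
    "10.0.0.5": {"fqdn": "fileserver.corp.example", "cves": {"CVE-2008-4250", "CVE-2010-2568"}},
    "10.0.0.7": {"fqdn": "desktop07.corp.example", "cves": {"CVE-2010-2568"}},
}

# Accepts the Snort reference form "cve,2008-4250" as well as "CVE-2008-4250".
CVE_RE = re.compile(r"(?i)cve[,:-]?\s*(\d{4}-\d{4,})")


def normalize_cve(ref):
    """Return a canonical 'CVE-YYYY-NNNN' string, or None for non-CVE references."""
    m = CVE_RE.search(ref)
    return "CVE-" + m.group(1) if m else None


def alert_cves(alert):
    """Set of canonical CVE ids referenced by the alert's rule."""
    return {c for c in map(normalize_cve, alert["refs"]) if c}


def correlate(alert, inventory):
    """Return (fqdn, matched_cves): fqdn is None when Bigfix has no record of
    the host; matched_cves is the intersection of rule CVEs and host CVEs."""
    host = inventory.get(alert["dst_ip"])
    if host is None:
        return None, set()
    return host["fqdn"], alert_cves(alert) & host["cves"]


def render_host(alert, inventory):
    """Label for the Unique IP Links column: red (with the CVEs as a tooltip)
    when the rule's CVE is present on the host, plain text otherwise."""
    fqdn, matched = correlate(alert, inventory)
    label = html.escape(fqdn or alert["dst_ip"])
    if not matched:
        return label
    title = html.escape(", ".join(sorted(matched)))
    return f'<span style="color:red" title="{title}">{label}</span>'
```

Hosts missing from the inventory fall back to the bare IP so an unmanaged machine is never mistaken for a patched one.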

