Open Vulnerability and Assessment Language (OVAL) is an international community standard maintained by MITRE to promote open and publicly available security content, and to standardize the transfer of this information in security tools and services. OVAL's main purpose is to assist security administrators by accelerating the process of analyzing a system for the presence of a vulnerability or configuration best practices. MITRE's OVAL website contains a detailed definition at the following link: http://oval.mitre.org/about/index.html
Why is Cisco Adopting OVAL?
In September 2012 Cisco will start, where possible, releasing OVAL definitions (along with its Security Advisories and Applied Mitigation Bulletins) for Cisco IOS vulnerabilities that are released in bundles twice a year (September, March).
Cisco is committed to protect Cisco customers by sharing critical security-related information in different formats. OVAL speeds up information exchange and digestion of such security-related information. Using OVAL, security administrators and other users can accelerate the process of determining the existence of software vulnerabilities, configuration issues, programs, and/or patches in Cisco IOS Software.
What is an OVAL definition?
OVAL Definitions are XML files that contain information about how to check a system for the presence of vulnerabilities, configuration issues, patches, installed applications, or other characteristics of such system. For vulnerability checks, definitions are written to check for the presence or not of a vulnerability in a system. OVAL definitions must comply with the OVAL definition schemata and data model, and should be written in accordance with the Authoring Style Guide defined by MITRE. Visit MITRE's "OVAL Definition Lifecycle" website at the following link for a detailed description of the OVAL definition process: http://oval.mitre.org/repository/about/stages.html
What are OVAL Schemata?
The OVAL community has developed three types of schemata written in Extensible Markup Language (XML) to serve as the framework and vocabulary of the OVAL Language. These schemata correspond to the three steps of the assessment process: an OVAL System Characteristics schema for representing system information, an OVAL definition schema for expressing a specific machine state, and an OVAL Results schema for reporting the results of an assessment.
The OVAL schemata are created by MITRE and members of the OVAL Developer’s Forum and approved by the OVAL Board. Visit MITRE's OVAL Language Releases website to review or download the schemata: http://oval.mitre.org/language/index.html
Can OVAL Protect my Cisco IOS Device Against Security Vulnerabilities?
OVAL definitions can be used to determine which vulnerabilities or configuration issues exist on your Cisco IOS device, as a preventive measure. You may use this information to obtain appropriate software patches and fix information for remediation from confirmed vulnerabilities and to evaluate if a device is configured as recommended by industry-adopted best practices.
How can I use the OVAL content published by Cisco?
jOVAL can be mentioned here that can be used. Also you can mention, "other tools will be made available in the open source community. More on that later..."
Is Cisco Creating OVAL Definitions for Other Cisco Products?
Cisco is currently authoring OVAL definitions for Cisco IOS Software. However, Cisco is working with MITRE and the OVAL community to enhance and develop new schemata to better support IOS and other Cisco Products.
What is the Cisco Product Security Incident Response Team (PSIRT)?
Cisco product security incident response is the responsibility of the Cisco Product Security Incident Response Team (PSIRT). The Cisco PSIRT is a dedicated, global team that manages the receipt, investigation, and public reporting of security vulnerability information that is related to Cisco products and networks. The on-call Cisco PSIRT works 24x7 with Cisco customers, independent security researchers, consultants, industry organizations, and other vendors to identify possible security issues with Cisco products and networks. More information about PSIRT and Cisco's Security Vulnerability Policy can be found at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
Where Can I Find Other Security Related Documents Cisco Publishes?
Customers can stay current with a variety of Cisco publications, including Cisco Security Advisories, Applied Mitigation Bulletins, Event Responses, and Threat Outbreak Alerts, by receiving a short message service (SMS) text message when new content is posted. All this information can be obtained from Cisco's Security Center at: http://cisco.com/security
Hello, I have questions regarding Admin Access, if the Admin user that i created is based on External AD.and If i tick the read only or apply an rbac-read only policy.It is not affecting the admin account. Once i Login, i can still write on ISE. ...
Dear community,I have implemented two nat types and am able to achieve the same result. The nat types are static and port forward nat as below: natsnat (inside,outside) source static R1 ASA102nat (inside,outside) source static static R1 ASA102 ...
Hi, We are deploying ISE 2.6 with patch 2. We deployed one site to work with Anyconnect 4.5 and Anyconnect 4.7, it worked fine with EAP-FAST, AD and Posture (only Anyconnect 4.7). End customer needs time to upgrade Anyconnect 4.5 to 4.7, that is the ...
Hi All. I have a Cisco FMC V126.96.36.199. After upgrading to this version, I didn't have any problem. but after a while(about a few hours), that Product Updates Widget doesn't Work(nothing Show). How can i troubleshoot(for example some command in FMC linu...