Projects

modSIC

Modulo's Open Distributed SCAP Infrastructure Collector, or modSIC, makes it easier for security analysts to scan an environment vulnerabilities based on OVAL-Definitions. It's an open-source service specialized in distributed network assessments. This initiative aims at providing a ... [More] common platform for collecting security data, making it easier for solutions to automate policy compliance, audits, risk assessments, and more, using the industry-standard Security Content Automation Protocol (SCAP). [Less]

scap-workbench

A GUI tool that provides scanning, tailoring, editing and validation functionality for SCAP content.

jOVAL

jOVAL™: OVAL® implemented in Java™. For free. jOVAL has the potential to let you scan any machine, from any other machine. The jOVAL library provides a comprehensive OVAL data model, an OVAL document processing engine, plug-in implementations for both remote and local scanning, and ... [More] adapter implementations supporting many OVAL object types. It is intended to be used in applications that call for an embedded OVAL interpreter. For more information on the project, visit http://joval.org. [Less]

openscap

The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP.

saetc

Aplicacion de gestion StanAlone que permite llevar el control de encuesta gestionada por el usuario.

oval-system-rpm-report

This projject is undertaken at the request of Matt Payne to report on the oval system characteristics and the rpms for linux. It lists the RPM's (name and version) for a given generated oval system characteristics file.

jcontenedor

JEE layered Service Container based on Spring 3.x with many services provided out of the box: Log (log4j, JDK, ..): HTTP-Service (jetty based) DB-Service (HSQLDB based) MVC-Service (Spring/GWT based) JMS-Service (ApacheMQ based). Web-Services (Apache cxf based). Security ... [More] (SpringSecurity based). LDAP Service (Spring LDAP based). Declarative Business Rules: Rules4Spring (jRules based). Business Validations (annotation based: Oval). AOP (Spring AOP api based). BarCode. jCaptcha. Features- Service Container based on Spring IoC Container 3.x. - Define the layers needed for an application. For example: mvc, business, persistence etc.. The layers are build in a hierarchically way being the root a registry layer for the cross services. - Remote Managed Services using RMI / SOAP. - Reloadable configuration without restarting the web/ application server. - Application Monitoring/Profiling using a web console. [Less]

rsser

Rsser is on-line RSS reader based on Spring Framework. This project is made for Software Engineering course.

ovaltools

Tools for working with the Open Vulnerability and Assessment Language (OVAL) and the eXtensible Configuration Checklist Description Format (XCCDF) are collected in this project. These tools will include: * an editor based on the jMatter.org framework * a domain specific language (DSL) for reading ... [More] and writing OVAL and XCCDF * an XCCDF interpreter * requirements traceability generator tools * SSAA and 800-26 generation tools [Less]

oscanner

The scanner is designed to run under Windows, written in C#, based on the industry standard OVAL. IntroductionOVAL(Open Vulnerability and Assessment Language) is an international, information security, community standard to promote open and publicly available security content, and to standardize ... [More] the transfer of this information across the entire spectrum of security tools and services. http://oval.mitre.org/ OScanner is a free and open source OVAL-based scanner for Windows. OScanner means OVAL scanner and OS scanner. The final target is an vulnerability+policy check tool to ensure a clean and update to date client. Dev PlanSprint 1In the initial sprint, OScanner will realize a command-line OVAL-compatible interpreter like official interpreter. It will supports Windows only. Sprint 2In this sprint, there will be a scan report generator or a clean GUI, with remediation suggestion. Sprint 3In this sprint, provide a choice of automatic remediation and other improvements. Submit to OVAL community for review and attend compatible program. Technology back end.NET Framework, C#, P/Invoke. XML related tech. Vulnerability detection based on File/Registry/WMI tests. DesignTBD Linkscompetitors: Great Sussen written in C# using Mono and GTK# references: OVAL Official Site others: FVN Tech Blog And you are welcome to attend the project! [Less]