How Debian OVAL content is structured

Hello everyone! As we saw in the last episode, the vulnerability detection results that two different APIs produce for the same host can vary greatly. To find out the truth, we need to understand what vulnerability data the Linux distribution vendor provides and how that data is structured. Why is this important? Because with the vendor's data in hand, we can ask vulnerability detection API vendors a question: why are you detecting differently from what this data describes? Then we will understand what caused the difference, and we will either adjust the vulnerability detection API or adjust the Linux distribution vendor's content. Either way, it will be a success! In any case, the transparency of the vulnerability detection process will increase.

00:00 Why is it important?
01:34 Debian OVAL Definitions
02:36 oval::tst:1 Debian 11 is installed
03:22 oval::tst:2 all architecture
04:04 oval::tst:3 glibc DPKG is earlier than
04:41 Simplified data for vulnerability detection

Blogpost:

#OVAL #Debian #SCAP