2016
DOI: 10.5604/01.3001.0009.4500
|View full text |Cite
|
Sign up to set email alerts
|

A concept of standard-based vulnerability management automation for IT systems

Abstract: The paper focuses on the attempt to show a way of automating IT vulnerability management across enterprise systems with the use of the Security Content Automation Protocol. SCAP offers a set of components which provide, among others, adjustable security checklists, standardised dictionaries of security vulnerabilities and vulnerability scoring methods that may prove valuable for organisations in terms of security analysis activities and quantitative risk assessment.

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
5
0

Year Published

2017
2017
2023
2023

Publication Types

Select...
5
3

Relationship

1
7

Authors

Journals

citations
Cited by 9 publications
(5 citation statements)
references
References 6 publications
0
5
0
Order By: Relevance
“…This means that the commencement of one process does not have to be linked with the completion of a previous one. An example would be starting the tests of an encoded software fragment prior to the stage of total encoding completion [12][13][14][15][16][17].…”
Section: Methodsmentioning
confidence: 99%
“…This means that the commencement of one process does not have to be linked with the completion of a previous one. An example would be starting the tests of an encoded software fragment prior to the stage of total encoding completion [12][13][14][15][16][17].…”
Section: Methodsmentioning
confidence: 99%
“…The other metrics can be used optionally, but there are constraints on applying them to complex corporate-level system architectures. Therefore, this section only discusses the base metrics [20][21][22].…”
Section: Common Configuration Scoring Systemmentioning
confidence: 99%
“…The [8], [11]. The SCAP or Security Content Automation Protocol required for the purpose of guard against security threats of the institutions, organizations etc for continuous monitoring to the computer systems; it includes the applications they have deployed, upgrade to configurations.…”
Section: Security Content Automation Protocol and Few Concernsmentioning
confidence: 99%