DPE (Default Password Enumeration) security standard launched.

We are again proud and happy to announce that we have just launched a new Enumeration Project with the hope it will be useful for the security community as a new standard.

It can then be used along with softwares that integrates standards as well as OVAL, SCAP and others.

DPE is the security-database naming scheme that provides structured enumeration of default logons and passwords of network devices, applications and Operating Systems.

The main goal is to increase the "password auditing scanners" interoperability potential. Any kind of tool integrating the XML DPE scheme will be able to identify and report default access configurations on specific devices, softwares or operating systems.

Taking into account the benefits of SecurityMetrics standards principles, DPE integrates the CPE naming scheme to describe information technology systems, plateforms and packages.

DPE provides the default usernames and passwords information for the following :

 Operating Systems : Unix, Linux, Windows, iSeries AS/400 ...
 Network devices : Routers, firewalls, switches, printers
 Databases : Oracle, MySQL, MS SQL and more
 Web applications : WebSphere, Apache ...
 Administrative Web Based solutions
 Telephony devices and SIP systems
 Other: specific applicances.