ARTICLE

SSA Security System Analyzer version 1.5.2 released

Wednesday 18 July 2007

SSA (Security System Analyzer) is a non-intrusive OVAL-Compatible policy compliance and vulnerability assessment software. It provides auditors and security officers a comprehensive solution to keep pace with security compliance requirements (patch management, vulnerability management, software inventories...)

Changelog

- Based on OVAL 5.3 build 20 (see OVAL project for more information)

- SSA now supports SCAP (Security Content Automation Protocol). The XML SCAP files are extracted using our new SCAP Parser (SCAP_Patch_Extractor). The coming release of SSA should be completely compatible with XCCDF.

- SSA now supports scan for missed patches (using SCAP format)

  • Added Windows XP Patches definition file
  • Added Windows Vista Patches definition file
  • Added Windows 2000 Patches definition file
  • Added Office 2007 Patches definition file
  • Added Internet explorer 7 patches definition file

- Updated OVAL XML Viewer Plugin

  • Updated database to 2039 definitions
  • Added support to CVE search (ex: CVE-2007-* will return all CVEs in 2007 used along with their appropriate OVALids.)
  • Bugs fixed

Documentation should be available by the end of the week.

Any suggestions, please report it to ssa@security-database.com.


POSTSCRIPTUM

Download Version 1.5.2


RELATED ARTICLES

Configurations checks, OVAL, SSA, Vulnerability Scanner,

23 June 2008 : Integrating OVAL Interpreter into BackTrack 3.0
22 July 2007 : Sussen 0.9 available
18 July 2007 : SSA Security System Analyzer version 1.5.2 released
5 June 2007 : Oval version 5.3 2nd Canditate available
14 April 2008 : SSA 1.6 Beta 2 released
7 April 2008 : SSA Security System Analyzer version 1.6 beta 1 released
16 April 2007 : SSA is now OVAL-Compatible
13 March 2007 : SSA Security System Analyzer version 1.5.1 released
5 February 2007 : SSA Security System Analyzer version 1.5 Final is out