Sara vulnerability scanner updated to 7.8.1

The Security Auditor’s Research Assistant (SARA) is a third generation network security analysis tool that is:

  • Operates under Unix, Linux, MAC OS/X or Windows (through coLinux) OS’.
  • Integrates the National Vulnerability Database (NVD).
  • Performs SQL injection tests.
  • Performs exhaustive XSS tests
  • Can adapt to many firewalled environments.
  • Support remote self scan and API facilities.
  • Used for CIS benchmark initiatives
  • Plug-in facility for third party apps
  • CVE standards support
  • Enterprise search module
  • Standalone or daemon mode
  • Free-use open SATAN oriented license
  • Updated twice a month (we try)
  • User extension support
    - Based on the SATAN model

Changelog

  • added DNS test for regressive lookups
  • added DNS test for cache poisoning
  • added tutorials
  • fixed tutorials
  • added additional logic to smb.sara to protect domain accounts

Post scriptum

Compliance Mandates

  • Vulnerability Management :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Comments

Related Articles

SARA
Vulnerability Management
Vulnerability Scanner