SSA Security System Analyzer version 1.6 beta 1 released
We are proud to announce the availability of the first beta of the 1.6 version branch.
You should also expect some bugs as this is the first beta stage of branch 1.6.
At the time of posting this news, we are already working on Beta 2.
Many changes and improvements since the 1.5.x releases.
New features
- Fully support all new Open security standards and initiatives as well as CVE, CWE, CPE, CCE, CWE, CAPEC, CVSS, CRF. Please refer to Making Security Measurable Website
- GUI redesigned and reworked
- Introduced Plugins integration and management:
- Many new HOT plugins to be released soon (CCE, Nikto, Nipper....)
- New SSA core engine designed:
- Introduced a loader to check configurations
- Configurations are stored into XML files.
- Enhanced scanning capabilities
- The support of plugins integration
- Advanced exceptions and errors handling
- OVAL Security Checks Plugin improvements:
- Fast and simple to use
- Verifies the definitions files against their MD5 signatures (only from security-database.com)
- Based on the latest OVAL Interpreter 5.3 Build 68
- Scan using categories (Inventory, Patch and Vulnerability) with the respect of the new OVAL repository requirements
- Plugin handles only "True" results.
- New Updater plugin:
- Support of Proxying (now support only simple proxies)
- Definitions can be downloaded from 2 sources repositories (security-database.com or oval.mitre.org)
- Download only essential definitions files to be used
!!!! Next Beta 2 !!!!
- New plugin based upon the CCE (Common Configurations Checks) standard.
- Fix some know bugs (OVAL security checks progress bar could freeze)
- Added the NTLM proxy authentication.
- Activate the New Report Plugin in compliance with the CRF (Common Results Format) standard.
- Draft of documentation
