Sara scanner version 7.1.1 is out

by

In: SARA , Vulnerability Scanner

12 February 2007

The Security Auditor’s Research Assistant (SARA) is a third generation network security analysis tool that is:

Tracked by SD Tools Watch

Operates under Unix, Linux, MAC OS/X or Windows (through coLinux) OS’.

  • Integrates the National Vulnerability Database (NVD).
  • Can adapt to many firewalled environments.
  • Support remote self scan and API facilities.
  • Used for CIS benchmark initiatives
  • Plug-in facility for third party apps
  • CVE standards support (20040901)
  • Enterprise search module
  • Standalone or daemon mode
  • Free-use open SATAN oriented license
  • Updated twice a month (we try)
  • User extension support
  • Based on the SATAN model

10 February 2007 (SARA-7.1.1)

  • Added optional SQL injection testing (alpha)

1 February 2007 (SARA-7.0.5)

  • Fixed false possible positive in ftp.sara
  • Updated ssh tests
  • Updated Apache tests
  • Fixed induced bug in make install
  • Fixed false positive generation in ISAPI test
  • Fixed problem with exclusion testing
  • Updated sss.pl to include database name in email report and subject

Post scriptum

Compliance Mandates

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

SARA
Vulnerability Scanner