What is the OVAL?Open Vulnerability Assessment Language (OVAL™) is sponsored by National Cyber Security Division (NCSD) at the U.S. Department of Homeland Security. OVAL provides its vulnerability content to US CERT and US-CERT uses this information and the CVE names upon which OVAL definitions are based to incorporate into its security advisories when possible. OVAL is the common language for security experts to discuss and agree upon technical details about how to check for the presence of vulnerabilities on computer systems. The vulnerabilities are identified using gold-standard tests—OVAL vulnerability definitions in Extensible Markup Language (XML) and queries in Structured Query Language (SQL)—that can be utilized by end users or implemented in scanning tools. Members of the information security community participate in the OVAL project by writing, reviewing, and discussing definitions on the OVAL Community Forum email list. This means OVAL vulnerability content reflects the insights and combined expertise of the broadest possible collection of security and system administration professionals. An OVAL Board of representatives from industry, academia, and government organizations approves OVAL's baseline schema and evaluates and reviews definitions. OVAL is
|
Information For
Sign Up
Reporting
DHS Threat Advisory
The threat level in the airline sector is High or Orange. Read more