Trusted and un-trusted vulnerability assessment
I read a article titled From SATAN to OVAL: The Evolution of Vulnerability Assessment today, and I really like the term "Trusted" and "un-trusted" vulnerability assessment.
As Dr. Gerhard Eschelbeck put in his article:
"Un-trusted vulnerability assessments simulate the scenario of an attacker without prior knowledge about the target system, while trusted assessments leverage credentials to log into the target systems for auditing configuration and patch information."
Trusted vulnerability assessment is kind of the trend that scanner vendors are doing. One example is MS baseline scanner, another is nessus (its plugins number growed from less then 2000 to more than 8000 in 2 years, most of the new ones are "local checks"). The reason behind it is obvious: this is way easier to implement and it works well in enterprise environment (also make it less likly to be used a hacking tool).
As Dr. Gerhard Eschelbeck put in his article:
"Un-trusted vulnerability assessments simulate the scenario of an attacker without prior knowledge about the target system, while trusted assessments leverage credentials to log into the target systems for auditing configuration and patch information."
Trusted vulnerability assessment is kind of the trend that scanner vendors are doing. One example is MS baseline scanner, another is nessus (its plugins number growed from less then 2000 to more than 8000 in 2 years, most of the new ones are "local checks"). The reason behind it is obvious: this is way easier to implement and it works well in enterprise environment (also make it less likly to be used a hacking tool).
0 Comments:
Post a Comment
<< Home