Login: Support | Partner    
 
Home » Technology » Standards 

Standards

The Greenbone Security Manager product line follow standards in various areas.

Vulnerability detection

Common Vulnerabilities and Exposures
(Documented vulnerabilities in IT systems)

Most of the vulnerability tests of the Greenbone Security Feed have a relationship to one or more CVE entries. These are directly available in scan reports as cross references.

All of the CVE data are, daily updated, available in the user interface for further research. Additionally, these are used in combination with CPE data from the asset management to provide vulnerability prognosis.

Common Product Enumeration
(Unified naming scheme of products to
support identification of vulnerabilities)

The product detection routines of the Greenbone Security Feed associate, if possible, a CPE code. These data get available in the scan report as well as in the asset management.

Greenbone actively contributes to the CPE database. This database is available in the user interface for further research and daily updated.

Common Vulnerability Scoring System
(Unified scheme to describe the severity of security issues)

Any vulnerability test of the Greenbone Security Feed has been assigned with a CVSS value. This allows unified analysis, comparison and selection regarding serverity in scan reports.

  • OVAL

Network integration

  • SMTP (EMail)

  • SNMP

  • SysLog

  • LDAP

  • NTP

  • DHCP

  • IPv4/IPv

Network scans

  • WMI

  • LDAP

  • HTTP

  • SMB

  • SSH

  • TCP

  • UDP

Policies

  • IT-Grundschutz

  • PCI DSS

  • ISO 27001