|
| Contact Us | Downloads | News — October 1, 2008 | Search |
Compatibility Questionnaire: Secure Elements, Inc. (C5 EVM Version 3.0)
General Capability Questions |
Accuracy Questions |
Documentation Questions |
Capability Specific Questions |
Statements
Organizational InformationName of Your Organization:Secure Elements, Inc.
Web Site:Product Information Product/Service Name:C5 EVM Version 3.0
Compatible Categories:OVAL Results Consumer
Product/Service Home Page:Product AccessibilityProvide a short description of how and
where your capability is made available to your customers and the public:
C5 EVM imports OVAL results from external sources and matches them to
remediations to create actionable alerts that allow C5 EVM users to deploy
a remediation to correct a vulernable system with through a patch based or
configuration based remediation.
Language Version IndicationDescribe how and where the capability indicates
the version of the OVAL Language used to validate, create, or update
its content:
C5 EVM standardizes on OVAL version 5.0 as stated in the C5 EVM Administratior's manual.
Approach for Correction of ErrorsIndicate how a user who discovers an error in the capability's use of OVAL can report the error:
Any error in C5 EVM's use of OVAL can be reported
by email to support@secure-elements.com
Describe the approach to responding to the above error reports and how applicable fixes will be applied:
OVAL content issues will be automatically deployed to all customer sites.
All code changes to the appiance will be delivered via the stanard Secure
Elements patch/update process.
Compatibility DocumentationProvide a copy, or directions to the location, of where the documentation describes OVAL and OVAL Compatibility for any customers:
C5 EVM User's Guide - Chapter 3 working with Vulnerabilities
Language SupportIndicate the component schemas and/or individual OVAL Tests that the capability does not support for each category of OVAL Compatibility being applied for:
C5 EVM supports all component schemas and OVAL tests
Finding Elements Using OVALProvide details regarding how users can identify and find individual OVAL content (through OVAL-IDs) that is being consumed by the capability. For example, how can a user determine which definitions have been consumed and what the result of each definition is:
Individual OVAL content can be searched for within C5 EVM using the built in
Search Feature that allows the user to search by OVAL ID.
Statement of CompatibilityHave an authorized individual sign and date the following Compatibility Statement (required): "As an authorized representative of my organization I agree that we will abide by all of the mandatory Compatibility Requirements as well as all of the additional mandatory Compatibility Requirements that are appropriate for our specific type of capability."
Statement of AccuracyHave an authorized individual sign and date the following accuracy Statement (recommended): "As an authorized representative of my organization and to the best of my knowledge, there are no errors in the correctness of our capability's use of OVAL schema and logic."
Statement on Follow-on Correctness Testing SupportHave an authorized individual sign and date the following statement about your organizations willingness to support correctness testing of other capabilities, which will be managed by the Reviewing Authority and kept to reasonable levels of effort for all involved. (required): "As an authorized representative of my organization, we agree to support the Review Authority in follow-on correctness testing activities, where appropriate types of OVAL documents might need to be exchanged with other organizations attempting to prove the correctness of their capabilities."
Page Last Updated: August 10, 2006 |
|
|||||||||||||||||||
 |
||
