|
ADTsys Cloud Security
|
ADTsys Software
|
Cloud Security |
Brazil |
|
Authoring Tool
|
Planned
|
|
Definition Evaluator
|
Planned
|
|
Definition Repository
|
Planned
|
|
Results Consumer
|
Planned
|
|
System Characteristics Producer
|
Planned
|
|
|
Agiliance RiskVision
|
Agiliance
|
Big Data Risk Management Software |
United States |
| Results Consumer |
Declaration
|
|
|
Altex-Soft Ovaldb
|
Altex-Soft
|
Web-Based OVAL Repository Database |
Russia |
| Definition Repository |
**
|
|
|
Arellia Security Analysis Solution
|
Arellia Corporation
|
Security Configuration Management |
United States |
|
Definition Evaluator
|
Planned
|
|
Results Consumer
|
Planned
|
|
System Characteristics Producer
|
Planned
|
|
|
Armadillo
|
U.S. Army CERDEC
|
Vulnerability Assessment and Remediation |
United States |
| Definition Evaluator |
Declaration
|
| System Characteristics Producer |
Declaration
|
|
Definition Repository
|
Planned
|
|
|
ATM Information Security Workflow
|
ATM Software sp. z o.o.
|
Workflow for server/software lifecycle management with OVAL repository and
vulnerability assessment.
|
Poland |
|
Authoring Tool
|
Planned
|
|
Definition Evaluator
|
Planned
|
|
Definition Repository
|
Planned
|
|
Results Consumer
|
Planned
|
|
System Characteristics Producer
|
Planned
|
|
|
AVDS
|
Beyond Security Ltd.
|
Vulnerability and Configuration Assessment and Management |
Israel |
| Definition Evaluator |
Declaration
|
| Results Consumer |
Declaration
|
| System Characteristics Producer |
Declaration
|
|
|
Catbird vSecurity
|
Catbird Networks, Inc.
|
Vulnerability Scanner, IDS/IPS, and Firewall |
United States |
|
Authoring Tool
|
Planned
|
|
Definition Evaluator
|
Planned
|
|
Definition Repository
|
Planned
|
|
Results Consumer
|
Planned
|
|
System Characteristics Producer
|
Planned
|
|
|
Center for Internet Security Configuration Assessment Tool (CIS-CAT)
|
Center for Internet Security
|
Host-Based Configuration Assessment Tool |
United States |
| Definition Evaluator |
**
|
| System Characteristics Producer |
|
|
Cisco Product Security Incident Response Team (PSIRT) Security Advisories and Vulnerability Disclosures
|
Cisco Systems, Inc.
|
Cisco Repository of OVAL Content |
United States |
| Definition Repository |
Declaration
|
|
|
Crystal Security Keeper (CSK)
|
Institute for Information Industry - CyberTrust Technology Institute
|
Vulnerability Assessment, Configuration Management, Auditing and Centralized
Audit Validation
|
Taiwan |
| Definition Evaluator |
**
|
| Definition Repository |
|
Results Consumer
|
|
|
DoD SCAP Content Repository
|
Defense Information Systems Agency Field Security Operations (DISA
FSO)
|
SCAP Content Repository |
United States |
| Definition Repository |
Declaration
|
|
|
eSCAPe - Enhanced SCAP Editor
|
G2, Inc.
|
OVAL Authoring Tool |
United States |
| Authoring Tool |
Declaration
|
|
|
FusionVM Enterprise Vulnerability Management System
|
Critical Watch
|
Enterprise Vulnerability Management System |
United States |
| Definition Evaluator |
Declaration
|
|
Results Consumer
|
Planned
|
|
System Characteristics Producer
|
Planned
|
|
|
Greenbone Security Manager
|
Greenbone Networks GmbH
|
Vulnerability Management |
Germany |
| Definition Evaluator |
**
|
| Results Consumer |
| System Characteristics Producer |
|
|
HP Client Automation
|
Hewlett-Packard Development Company, L.P.
|
Application Management |
United States |
| Definition Evaluator |
Declaration
|
|
|
HP Live Network
|
Hewlett-Packard Development Company, L.P.
|
Content Repository |
United States |
| Definition Repository |
Declaration
|
| System Characteristics Producer |
Declaration
|
|
|
HP Server Automation
|
Hewlett-Packard Development Company, L.P.
|
Enterprise Server/Application Lifecycle Management |
United States |
| Definition Evaluator |
Declaration
|
| System Characteristics Producer |
Declaration
|
|
|
IT Dashboard
|
Security-Database
|
Web-Based IT Vulnerability and Threats Dashboard |
France |
| Definition Repository |
Declaration
|
| Results Consumer |
Declaration
|
|
Authoring Tool
|
Planned
|
|
Definition Evaluator
|
Planned
|
|
System Characteristics Producer
|
Planned
|
|
|
jOVAL Definition Interpreter (jovaldi)
|
jOVAL.org
|
Open Source, Java-based OVAL Definition Interpreter |
United States |
| Definition Evaluator |
**
|
| System Characteristics Producer |
|
|
McAfee Network Access Control
|
McAfee, Inc.
|
Network Connection Health Check, Auditing and Centralized Audit Validation,
Configuration Management, Patch Management
|
United States |
| Definition Evaluator |
**
|
|
|
McAfee Policy Auditor
|
McAfee, Inc.
|
Auditing and Centralized Audit Validation, Configuration Management, Patch
Management
|
United States |
| Authoring Tool |
**
|
| Definition Evaluator |
| System Characteristics Producer |
|
|
McAfee Vulnerability Manager
|
McAfee, Inc.
|
Vulnerability Assessment, Auditing and Centralized Audit Validation,
Configuration Management, Patch Management
|
United States |
| Definition Evaluator |
**
|
|
|
Microsoft Security Compliance Manager
|
Microsoft Corporation
|
Security and Compliance Knowledge Management |
United States |
| Authoring Tool |
Declaration
|
| Definition Repository |
Declaration
|
|
|
MODSIC Project
|
Modulo Security Solutions
|
OVAL Collector Service |
United States |
| Definition Evaluator |
Declaration
|
| System Characteristics Producer |
Declaration
|
|
|
Modulo Risk Manager
|
Modulo Security Solutions
|
Governance, Risk Management, and Compliance (GRC) Management |
United States |
| Definition Evaluator |
Declaration
|
| Definition Repository |
Declaration
|
| System Characteristics Producer |
Declaration
|
|
Results Consumer
|
Planned
|
|
|
MyJVN API
|
Information-technology Promotion Agency, Japan (IPA)
|
Vulnerability Assessment and Configuration Management |
Japan |
| Definition Repository |
**
|
|
|
MyJVN Security Configuration Checker
|
Information-technology Promotion Agency, Japan (IPA)
|
Configuration Management |
Japan |
| Definition Evaluator |
**
|
|
|
MyJVN Version Checker
|
Information-technology Promotion Agency, Japan (IPA)
|
Vulnerability Assessment |
Japan |
| Definition Evaluator |
**
|
|
|
NetIQ Secure Configuration Manager
|
NetIQ Corporation
|
Enterprise Security Configuration Assessment |
United States |
| Definition Evaluator |
Declaration
|
| Results Consumer |
Declaration
|
| System Characteristics Producer |
Declaration
|
|
|
NNT Change Tracker Enterprise
|
New Net Technologies, Ltd.
|
Vulnerability and Compliance Assessment and Management, Host-Based Intrusion Detection |
United Kingdom |
| Definition Evaluator |
Declaration
|
| System Characteristics Producer |
Declaration
|
|
Definition Repository
|
Planned
|
|
Results Consumer
|
Planned
|
|
|
NopSec Vulnerability Risk Management (VRM)
|
NopSec, Inc.
|
Vulnerability Risk Management |
United States |
| Definition Evaluator |
**
|
| Results Consumer |
| System Characteristics Producer |
|
|
OpenVAS
|
OpenVAS
|
Vulnerability Management |
Germany |
| System Characteristics Producer |
**
|
|
Definition Evaluator
|
|
Results Consumer
|
|
|
ORCA
|
GCP Global
|
Governance, Risk, and Compliance (GRC) Solution |
Mexico |
| Definition Evaluator |
**
|
| Results Consumer |
|
|
Positive Technologies OVAL Repository
|
Positive Technologies CJSC
|
OVAL Definition Repository |
Russia |
| Definition Repository |
**
|
|
|
Red Hat Security Advisories
|
Red Hat, Inc.
|
Product Vulnerability Security Advisories |
United States |
| Definition Repository |
**
|
|
|
RedCheck
|
Altex-Soft
|
Vulnerability, Patch, and Compliance Assessment |
Russia |
| Definition Evaluator |
**
|
|
|
Retina Network Security Scanner
|
Beyond Trust
|
Vulnerability Assessment |
United States |
| Definition Evaluator |
**
|
| System Characteristics Producer |
|
|
SAINT Vulnerability Scanner
|
SAINT Corporation
|
Vulnerability Assessment |
United States |
| Definition Evaluator |
**
|
| System Characteristics Producer |
|
|
SCAP Compliance Checker
|
SPAWAR Systems Center Atlantic
|
OVAL Definition Evaluator |
United States |
| Definition Evaluator |
**
|
| System Characteristics Producer |
|
|
SCAP Extension for System Center Configuration Manager 2007
|
Microsoft Corporation
|
Enterprise Configuration Management |
United States |
| Definition Evaluator |
Declaration
|
|
|
SCAP Sync
|
Lunarline, Inc.
|
SCAP Content Repository and API |
United States |
| Definition Repository |
Declaration
|
|
|
SecPod Saner
|
SecPod Technologies
|
Vulnerability Management |
India |
| Definition Evaluator |
**
|
| System Characteristics Producer |
|
|
SecPod SCAP Feed
|
SecPod Technologies
|
OVAL Repository |
India |
| Definition Repository |
**
|
|
|
Secure Auditor
|
Secure Bytes Corporation
|
Automated Auditing Software |
United States |
|
Definition Evaluator
|
Planned
|
|
Definition Repository
|
Planned
|
|
Results Consumer
|
Planned
|
|
|
SecureVue
|
eIQnetworks, Inc.
|
Unified Situational Awareness Platform |
United States |
| Results Consumer |
Declaration
|
| System Characteristics Producer |
Declaration
|
|
Definition Evaluator
|
Planned
|
|
Definition Repository
|
Planned
|
|
|
Security Scanning SDK
|
Pivotal Security LLC
|
OVAL Definition Evaluator |
United States |
| Definition Evaluator |
Declaration
|
|
Results Consumer
|
Planned
|
|
System Characteristics Producer
|
Planned
|
|
|
Security-Database OVAL Repository
|
Security-Database
|
Web-Based OVAL Repository Database |
France |
| Definition Repository |
**
|
|
Definition Evaluator
|
|
Results Consumer
|
|
System Characteristics Producer
|
|
|
Secutor Compliance Automation Toolkit (S-CAT)
|
ThreatGuard, Inc.
|
Universal, Integratable SCAP Assessment Module |
United States |
| Definition Evaluator |
**
|
| System Characteristics Producer |
|
Results Consumer
|
|
|
Secutor Magnus
|
ThreatGuard, Inc.
|
Enterprise SCAP Compliance/Vulnerability Management System |
United States |
| Definition Evaluator |
**
|
| System Characteristics Producer |
|
Results Consumer
|
|
|
Secutor Prime
|
ThreatGuard, Inc.
|
Desktop Compliance/Vulnerability Assessment Tool |
United States |
| Definition Evaluator |
**
|
| System Characteristics Producer |
|
Results Consumer
|
|
|
SIX OVAL
|
National Institute of Advanced Industrial Science and Technology
(AIST)
|
Enterprise Compliance/Vulnerability Management |
Japan |
| Definition Evaluator |
**
|
|
|
SSA - Security System Analyzer
|
ToolsWatch
|
Open Standard Vulnerability & Compliance Scanner |
France |
| Authoring Tool |
Declaration
|
| Definition Evaluator |
Declaration
|
|
Results Consumer
|
Declaration
|
|
System Characteristics Producer
|
Declaration
|
|
|
SUSE Linux Enterprise OVAL Information
|
SUSE
|
Database |
United States |
| Definition Repository |
Declaration
|
|
|
SUSE Manager 1.7
|
SUSE
|
Linux Patch and Configuration Management |
United States |
| Definition Evaluator |
Declaration
|
| Results Consumer |
Declaration
|
| System Characteristics Producer |
Declaration
|
|
|
Symantec Control Compliance Suite
|
Symantec Corporation
|
Automated Risk and Policy Compliance Management |
United States |
| Definition Evaluator |
Declaration
|
|
Results Consumer
|
Planned
|
|
System Characteristics Producer
|
Planned
|
|
|
Symantec Risk Automation Suite
|
Symantec Corporation
|
Enterprise Configuration, Vulnerability, Risk, and Compliance Management |
United States |
| Definition Evaluator |
Declaration
|
| Definition Repository |
Declaration
|
|
Authoring Tool
|
Planned
|
|
Results Consumer
|
Planned
|
|
System Characteristics Producer
|
Planned
|
|
|
TPOL - OVAL Security Compliance
|
Inverse Path S.r.l.
|
Vulnerability, Patch, and Compliance Assessment |
Italy |
| Authoring Tool |
**
|
| Definition Evaluator |
|
|
Tripwire Enterprise
|
Tripwire, Inc.
|
Security Configuration Management |
United States |
| Definition Evaluator |
**
|
| System Characteristics Producer |
| Results Consumer |
|
|
Triumfant Resolution Manager
|
Triumfant, Inc.
|
Vulnerability, Patch, and Compliance Assessment |
United States |
| Definition Evaluator |
Declaration
|
| Results Consumer |
Declaration
|
| System Characteristics Producer |
Declaration
|
|
|
Universal System Scanner |
ScriptRock
|
OVAL Definition Evaluator |
United States |
|
Definition Evaluator
|
Planned
|
Results
Consumer |
Planned |
|
|
vFeed API and Vulnerability Database Community |
ToolsWatch
|
Correlated Vulnerability Database |
France |
|
Definition Repository
|
**
|
|
Results Consumer |
|
|
Xacta IA Manager Assessment Engine
|
Telos Corporation
|
Certification and Accreditation Solution |
United States |
|
|
Xacta IA Manager Continuous Assessment
|
Telos Corporation
|
Certification and Accreditation Solution |
United States |
| Definition Evaluator |
Declaration
|
|
Results Consumer
|
Planned
|
|
System Characteristics Producer
|
Planned
|
|
|
Xacta IA Manager HostInfo
|
Telos Corporation
|
Certification and Accreditation Solution |
United States |
| Definition Evaluator |
Declaration
|
|
System Characteristics Producer
|
Planned
|
|
