Industry News Coverage - 2002 Archive
Below is a comprehensive monthly review of the news and other media's coverage of OVAL. A brief summary of each news item is listed with its title, author (if identified), date, and media source.
Date: 12/16/2002
Publication: eWeek
Byline: Dennis Fisher
Headline: "MITRE Standard Eases Vulnerability Research"
Excerpt or Summary:
OVAL was the featured topic in this article in which the author describes OVAL as "a new language designed to make it easier for researchers to define and explain vulnerabilities found in software." The author also explains how OVAL works, including the OVAL query development process and the use of CVE names as the basis for OVAL queries.
Date: 12/16/2002
Publication: ServerWatch.com
Byline: Wayne Kawamoto
Headline: "MITRE Issues New Standard for Computer Vulnerability Assessment"
Excerpt or Summary:
OVAL was the featured topic in this article that announces the launch of OVAL, explains how OVAL works, includes a description of the OVAL query development process, and details how CVE names are used as the basis for OVAL queries.
Date: 12/12/2002
Publication: Security Wire Digest, Vol. 4, No. 94
Byline: Carl Weinschenk
Headline: "MITRE Builds on CVE, Launches OVAL"
Excerpt or Summary:
This article discusses the launch of OVAL and how it builds upon the CVE Initiative. The author describes what OVAL is and how it works, mentions the importance of community involvement and participation in the development of queries, and explains the composition of the OVAL Board. The author also quotes Andre Frech, OVAL Board member and Internet Security Systems X-Force research engineer: "There are no conceivable downside potentials to OVAL. The initiative is flexibly defined so that security professionals are free to contribute or use the parts that are relevant to their issues." The article also included a link to the OVAL Web site.
Date: 12/11/2002
Publication: eWeek
Byline: Dennis Fisher
Headline: "New Language Assesses Software Flaws"
Excerpt or Summary:
This article focuses on the launch of OVAL and mentions that it builds upon
CVE. The author describes the purpose of OVAL and explains how it works, including the query development process. The author also discusses the problem OVAL addresses, which is how "each software vendor seems to define vulnerabilities differently, which often leads to disputes among researchers and vendor representatives." He concludes the article with a quote by OVAL Editor and MITRE senior information security engineer Matthew N. Wojcik, "OVAL solves the consistency problem. The queries provide a baseline for performing vulnerability assessments . . . The widespread availability of OVAL queries will provide the means for standardized vulnerability assessment and result in consistent and reproducible information assurance metrics from systems."
Date: 12/10/2002
Publication: Citadel Security Software Web site
Byline: Dennis Fisher
Headline: "Citadel CTO Carl Banzhof Appointed to MITRE OVAL (Open Vulnerability Assessment Language) Board"
Excerpt or Summary:
A press release issued by Citadel Security Software on December 10, 2002 announced that Citadel CTO Carl Banzhof joined the OVAL Board. The release also describes what OVAL is and how it works, notes that OVAL builds upon the CVE Initiative, and mentions the other organizations that make up the OVAL Board.
Page Last Updated: June 06, 2006
