SSA (Security System Analyzer) is free non-intrusive OVAL-Compatible software. It provides security testers, auditors with an advanced overview of the security policy level applied.
Features :
- OVAL-compatible product
- SCAP (Security Content Automation Protocol)
- Perform a deep inventory audit on installed softwares and applications
- Scan and map vulnerabilities using non-intrusive techniques based on schemas
- Detect and identify missed patches and hotfixes
- Define a patch management deployment strategy using CVSS scores
Changelog for v.1.5.2
- Based on OVAL 5.3 build 20 (see OVAL project for more information)
- SSA now supports SCAP (Security Content Automation Protocol – http://nvd.nist.gov/scap.cfm)
- SSA now supports scan for missed patches (using SCAP format)
- Updated OVAL XML Viewer Plugin
- Updated database to 2039 definitions
Download it here:
Or read more here.
