IETF Logo Mail Archive

Re: [sacm] Components for Vulnerability Assessment

"Haynes, Dan" <dhaynes@mitre.org> Tue, 18 April 2017 14:21 UTC

Return-Path: <dhaynes@mitre.org>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9DBE51315A6 for <sacm@ietfa.amsl.com>; Tue, 18 Apr 2017 07:21:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mitre.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id chgOc-brpSHn for <sacm@ietfa.amsl.com>; Tue, 18 Apr 2017 07:21:30 -0700 (PDT)
Received: from smtpvmsrv1.mitre.org (smtpvmsrv1.mitre.org [192.52.194.136]) by ietfa.amsl.com (Postfix) with ESMTP id DD69A12F24E for <sacm@ietf.org>; Tue, 18 Apr 2017 07:21:29 -0700 (PDT)
Received: from smtpvmsrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id 6EBF06C02CC; Tue, 18 Apr 2017 10:21:38 -0400 (EDT)
Received: from imshyb01.MITRE.ORG (imshyb01.mitre.org [129.83.29.2]) by smtpvmsrv1.mitre.org (Postfix) with ESMTP id 5F7566C02D0; Tue, 18 Apr 2017 10:21:38 -0400 (EDT)
Received: from imshyb01.MITRE.ORG (129.83.29.2) by imshyb01.MITRE.ORG (129.83.29.2) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Tue, 18 Apr 2017 10:21:29 -0400
Received: from gcc01-CY1-obe.outbound.protection.outlook.com (10.140.19.249) by imshyb01.MITRE.ORG (129.83.29.2) with Microsoft SMTP Server (TLS) id 15.0.1263.5 via Frontend Transport; Tue, 18 Apr 2017 10:21:28 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mitre.onmicrosoft.com; s=selector1-mitre-org; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=ed4beIxAkF0oCnI9taZ+wsulLlTsGauHUxsnngA+tEs=; b=TR4m3+9rWOOV8i8csHYprbGvJ4bhahSc4PwlJkBAXy7R0k7ekIlmRW0d/sDTlWjViQhcM/1xVzNxEUHZ+kJCtHHaRhZHgJZwlllEMW3as1U7qLG+RDk6uViGKwTc3l/beTpZZ/OvezTRsM4q4PWk/twoPksJXdej9Q0TNlxA3ro=
Received: from DM5PR09MB1354.namprd09.prod.outlook.com (10.172.38.135) by DM5PR09MB1353.namprd09.prod.outlook.com (10.172.38.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1034.10; Tue, 18 Apr 2017 14:21:22 +0000
Received: from DM5PR09MB1354.namprd09.prod.outlook.com ([10.172.38.135]) by DM5PR09MB1354.namprd09.prod.outlook.com ([10.172.38.135]) with mapi id 15.01.1034.015; Tue, 18 Apr 2017 14:21:22 +0000
From: "Haynes, Dan" <dhaynes@mitre.org>
To: Adam Montville <adam.w.montville@gmail.com>, "sacm@ietf.org" <sacm@ietf.org>
Thread-Topic: [sacm] Components for Vulnerability Assessment
Thread-Index: AQHSuERo1RuKpbFar0WA/n0zX/1IM6HLLVhQ
Date: Tue, 18 Apr 2017 14:21:22 +0000
Message-ID: <DM5PR09MB1354969FE7F3B67DC662A84AA5190@DM5PR09MB1354.namprd09.prod.outlook.com>
References: <CACknUNUNhCCV8LRDpjEm1SvgwpLq+NEEDbc3LOPYzMyRbmfy9w@mail.gmail.com>
In-Reply-To: <CACknUNUNhCCV8LRDpjEm1SvgwpLq+NEEDbc3LOPYzMyRbmfy9w@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=dhaynes@mitre.org;
x-originating-ip: [192.80.55.86]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR09MB1353; 7:NoxB1QERSfGdd8QG2V27TWv4qh/idDea4XCYTU7e6s0QunLggrS2vO1chfGl8YUvvEWB39jXxilRhQgbc6L+I3ZwqvjJpHLBV+AGiSsTSApd+0qxLjq0FvrZ19a2avELa6qITtOs/ERQluWcJ4yvzABMQ08y9omnp6BVVEgGyR1k2ojtlz+LKmdinxorVVqReVD2d9B8adb+fYw5uTNlGUOYLv32HJi+5Os24NLmWG2kZ8teQ2w46B/RGzMExSFZCmk6XK0D/qpHOO1NNjyVpmQs6AD0q0pJf/SBjNMzna/l5pmuVVKm5tdfax6VRBMlCsYylhkohoWgwlUS30fACA==
x-ms-office365-filtering-correlation-id: 3d62736a-1d83-4daf-545d-08d486663077
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254075)(48565401081)(201703131423075)(201703031133081); SRVR:DM5PR09MB1353;
x-microsoft-antispam-prvs: <DM5PR09MB135307BA2F0C358E7FF070CFA5190@DM5PR09MB1353.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040450)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(93006095)(93001095)(6055026)(6041248)(20161123560025)(20161123555025)(20161123564025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(6072148); SRVR:DM5PR09MB1353; BCL:0; PCL:0; RULEID:; SRVR:DM5PR09MB1353;
x-forefront-prvs: 028166BF91
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39450400003)(39840400002)(39400400002)(39410400002)(39860400002)(39850400002)(377454003)(53754006)(2950100002)(102836003)(6116002)(790700001)(3846002)(39060400002)(38730400002)(7696004)(50986999)(76176999)(6506006)(7906003)(33656002)(7736002)(74316002)(6436002)(6246003)(189998001)(606005)(9686003)(54896002)(6306002)(55016002)(99286003)(53936002)(236005)(5660300001)(229853002)(77096006)(54356999)(2501003)(3280700002)(9326002)(66066001)(3660700001)(2900100001)(86362001)(122556002)(2906002)(8676002)(81166006)(53546009)(8936002)(25786009)(19609705001); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR09MB1353; H:DM5PR09MB1354.namprd09.prod.outlook.com; FPR:; SPF:None; MLV:ovrnspm; PTR:InfoNoRecords; LANG:en;
received-spf: None (protection.outlook.com: mitre.org does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_DM5PR09MB1354969FE7F3B67DC662A84AA5190DM5PR09MB1354namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Apr 2017 14:21:22.3074 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: c620dc48-1d50-4952-8b39-df4d54d74d82
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR09MB1353
X-OriginatorOrg: mitre.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/39mDRf5_N9-PSeSzxCuZLVcCG00>
Subject: Re: [sacm] Components for Vulnerability Assessment
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Apr 2017 14:21:31 -0000

Hi Adam,

I think this is a good list for me, but, should the assessment results repository be merged into the endpoint repository?

Thanks,

Danny

From: sacm [mailto:sacm-bounces@ietf.org] On Behalf Of Adam Montville
Sent: Tuesday, April 18, 2017 9:04 AM
To: sacm@ietf.org
Subject: [sacm] Components for Vulnerability Assessment

Hi All:

We've got a list of components we think we care about for our vulnerability assessment scenario (focusing on the narrowest "ideal case" through the scenario for the time being.

These are:

* Vulnerability Detection Data Repository
* Vulnerability Assessor
* Endpoint Repository
* Collector
* Target Endpoint
* Assessment Results Repository

For reference, see our wiki [1] and/or the slides from IETF 98 [2] and/or the minutes from IETF 98 [3]

Question to the WG: Is this an appropriate initial list of components?

Please opine within the next few days (say by end of your day on Thursday, wherever you may be), so that we can generate some momentum on this effort.

Kind regards,

Adam

[1] https://trac.ietf.org/trac/sacm/wiki/SacmVulnerabilityAssessmentScenario
[2] https://www.ietf.org/proceedings/98/slides/slides-98-sacm-vulnerability-scenario-discussion-00.pdf
[3] https://www.ietf.org/proceedings/98/minutes/minutes-98-sacm-00.txt

v2.23.0 | Report a Bug | By Email