IETF Logo Mail Archive

Re: [sacm] Identifying Vulnerability Assessment Code

Adam Montville <adam.w.montville@gmail.com> Wed, 17 May 2017 19:27 UTC

Return-Path: <adam.w.montville@gmail.com>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 570AC129470 for <sacm@ietfa.amsl.com>; Wed, 17 May 2017 12:27:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iAn1Wwkqo0io for <sacm@ietfa.amsl.com>; Wed, 17 May 2017 12:27:02 -0700 (PDT)
Received: from mail-io0-x232.google.com (mail-io0-x232.google.com [IPv6:2607:f8b0:4001:c06::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 43793126CF6 for <sacm@ietf.org>; Wed, 17 May 2017 12:23:27 -0700 (PDT)
Received: by mail-io0-x232.google.com with SMTP id f102so15640816ioi.2 for <sacm@ietf.org>; Wed, 17 May 2017 12:23:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=5KnJqjiuBKi0spdmgakXPpQfP9rvvTXPnALikjXxcII=; b=nVQVckPTjn4pBDqiqFef004BrbtOyTvU19nMIjsCXJVTO6OT4aK6DGWgajb6iTKCBe uH3jC2dYYWojQukld+q4JYhHyGUpjefcbfYIoENJQ2K996rCx3/ikSRe95NzcvD6fWid +A5gcB8nuvwT7ghFcxf99UHF4fepSfF8uLhRkemiW1XOjLpIhkCObeYnDinhWQxC5l2S qg5COSH4BYRxAvXFNTJOjJ48jduEKMKaRoVNbbTEGU+5CqGxcyCNPq8UKWjk8FJH7YFr SPh9+8D4BgyWcZrw04hwz5zDzYz16ExLLyGD1llATLGee08dVHNMWB85zat5mZLD3FgW kIjg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=5KnJqjiuBKi0spdmgakXPpQfP9rvvTXPnALikjXxcII=; b=WIjDC/0W+f3x+svcYtO+j2vhpV9NO28xuX8I01XH//HeXDEywLaVzD6vSCbhtJBx7J IhJRuirPRFB3+CuCMJhpKtq8a03rPL+yriz1xdMfsgNDwIPtYi9awhFgI8DIYFvkLskI cFMRLwjeGWO4LBDT4cq8UPXLnR50dAImNopvcqB6w/eXxGFOutshNORZ1ASmtMq/WztV TrzBtYczzLN/z7x+HagA/qHlaCiwgrj603Y2cbhr+j4YnnKpL7Ns3e5ZbtX9gg1O60JY EwtklFNutCbXAIajr1nD7v2u1AglKxFFnn7W0w0bDFfvyijMMxmqSSLOmyZT49Ykd8Uf 9Wtg==
X-Gm-Message-State: AODbwcBPXFQJDEPF+SIVxYLsuctv2grCaRHJ4FxpSJE2aQs0cPLFR8Wg a9TOJKV7cBrf6UzLs02Ds19NyrXMDXoW
X-Received: by 10.107.176.131 with SMTP id z125mr392799ioe.161.1495049006590; Wed, 17 May 2017 12:23:26 -0700 (PDT)
MIME-Version: 1.0
References: <CACknUNWs8_4pBWPJHNyzVjb+aT3mb1=MqWEnyoWPiOzkz7jZEA@mail.gmail.com> <DM5PR09MB1307185DAA5B12D76926FD0CF0E60@DM5PR09MB1307.namprd09.prod.outlook.com> <CACknUNUV1bNkGN_OS3aY9U5t92YpCGcWTcwfsEAmME-__s4EEQ@mail.gmail.com> <CAKUOEQxnMXiYrXbLbQyYshBoJpC3Fj+sXX6TYDNPLD_LfpCRqA@mail.gmail.com>
In-Reply-To: <CAKUOEQxnMXiYrXbLbQyYshBoJpC3Fj+sXX6TYDNPLD_LfpCRqA@mail.gmail.com>
From: Adam Montville <adam.w.montville@gmail.com>
Date: Wed, 17 May 2017 19:23:15 +0000
Message-ID: <CACknUNUbjS5C8nGM_2Exr_NKpejNUNvAnp5+-9oD3dU4AtaV_w@mail.gmail.com>
To: Bill Munyan <bill.munyan.ietf@gmail.com>
Cc: "Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov>, "sacm@ietf.org" <sacm@ietf.org>
Content-Type: multipart/alternative; boundary="001a114532baf5b018054fbd3848"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/77V_4MIQyzbj5bdLoQcH1UGCNyM>
Subject: Re: [sacm] Identifying Vulnerability Assessment Code
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 May 2017 19:27:04 -0000

Great, thanks!

On Wed, May 17, 2017 at 12:59 PM Bill Munyan <bill.munyan.ietf@gmail.com>
wrote:

> Adam,
> I'm planning on contributing components for collection (of endpoint
> characteristics), vulnerability assessment (evaluation of endpoint
> characteristics vs. expected state), and an assessment results repository
> to the hackathon.
>
> Once further components are identified, I would be happy to help develop
> the "interaction goop" (aka: glue) that will allow for the components to
> interface.
>
> Cheers,
> -Bill M.
>
>
> On Tue, May 16, 2017 at 1:17 PM, Adam Montville <
> adam.w.montville@gmail.com> wrote:
>
>> Great, thanks!
>>
>> On Tue, May 16, 2017 at 11:50 AM Banghart, Stephen A. (Fed) <
>> stephen.banghart@nist.gov> wrote:
>>
>>> Adam,
>>>
>>>
>>>
>>> I’m planning on bringing a ROLIE implementation with me to the Hackathon
>>> that could fill the Vulnerability Detection Data Repository component. The
>>> ROLIE implementation could also provide arbitrary data to any component
>>> along the pipeline in order to simulation data input/output. I intend to
>>> pre-load the ROLIE server implementation with sample NVD data and sample
>>> SWID tags so that we have something for the other components to work with
>>> if need be.
>>>
>>>
>>>
>>> Regards,
>>>
>>> Stephen Banghart
>>>
>>>
>>>
>>> *From:* sacm [mailto:sacm-bounces@ietf.org] *On Behalf Of *Adam
>>> Montville
>>> *Sent:* Tuesday, May 16, 2017 9:07 AM
>>> *To:* sacm@ietf.org
>>> *Subject:* [sacm] Identifying Vulnerability Assessment Code
>>>
>>>
>>>
>>> All:
>>>
>>>
>>>
>>> Last week a list of goals were sent to this list [1]. I did see some
>>> back-channel conversation, but nothing that made its way to the list. Then,
>>> those are our stated goals, and it is now time to start considering what
>>> code may already exist for our agreed upon components. Once again, these
>>> components are listed at [2] and repeated here:
>>>
>>>
>>>
>>> * Vulnerability Detection Data Repository
>>>
>>> * Vulnerability Assessor
>>>
>>> * Endpoint Repository
>>>
>>> * Collector
>>>
>>> * Target Endpoint
>>>
>>> * Assessment Results Repository
>>>
>>>
>>>
>>> We need to drive this to some conclusion relatively quickly. If you have
>>> or know of components filling these roles, please respond by the end of
>>> this week. Note that the target endpoint component will likely be
>>> determined based on which real-world vulnerability(ies) we choose to deal
>>> with as part of this exercise.
>>>
>>>
>>>
>>> Kind regards,
>>>
>>>
>>>
>>> Adam
>>>
>>>
>>>
>>>
>>>
>>> [1]
>>> https://mailarchive.ietf.org/arch/msg/sacm/LskQ7tj9Wvy1-0DSlEN_VakYj64
>>>
>>> [2]
>>> https://mailarchive.ietf.org/arch/msg/sacm/w_kL2vzDBPk0NN9N1WQcpb3Qwfw
>>>
>>
>> _______________________________________________
>> sacm mailing list
>> sacm@ietf.org
>> https://www.ietf.org/mailman/listinfo/sacm
>>
>>
>

v2.23.0 | Report a Bug | By Email