IETF Logo Mail Archive

Re: [sacm] Identifying Vulnerability Assessment Code

"Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov> Tue, 16 May 2017 16:55 UTC

Return-Path: <stephen.banghart@nist.gov>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C7A8127876 for <sacm@ietfa.amsl.com>; Tue, 16 May 2017 09:55:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nistgov.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y8IFT0Ws8xeS for <sacm@ietfa.amsl.com>; Tue, 16 May 2017 09:55:09 -0700 (PDT)
Received: from gcc01-CY1-obe.outbound.protection.outlook.com (mail-cy1gcc01on0136.outbound.protection.outlook.com [23.103.200.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 25617126CC7 for <sacm@ietf.org>; Tue, 16 May 2017 09:50:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nistgov.onmicrosoft.com; s=selector1-nist-gov; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=sFIC6DZLh9uRnZS8hhvvQmo6Pprr9oggfClqQL3EPGA=; b=qFjKenfbECAlcUCiGi2EaETR491cI62qJExEce5/2WbYIrtU3rIaeyfn4finoAuVd+sUffr0aCurfP7bbZmu2e7Xsf+cJl1CnSNHbZ7fFvemTyjVfUrMOGtj+b5006toFEv/x6nWoWQHOjXas7Kp1Jz9S+jknQvCQ22aFN65/ts=
Received: from DM5PR09MB1307.namprd09.prod.outlook.com (10.172.34.141) by DM5PR09MB1305.namprd09.prod.outlook.com (10.172.34.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1084.16; Tue, 16 May 2017 16:50:52 +0000
Received: from DM5PR09MB1307.namprd09.prod.outlook.com ([10.172.34.141]) by DM5PR09MB1307.namprd09.prod.outlook.com ([10.172.34.141]) with mapi id 15.01.1084.029; Tue, 16 May 2017 16:50:52 +0000
From: "Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov>
To: Adam Montville <adam.w.montville@gmail.com>, "sacm@ietf.org" <sacm@ietf.org>
Thread-Topic: [sacm] Identifying Vulnerability Assessment Code
Thread-Index: AQHSzkXpYeZVAJRVx0GUVAXSixs9AqH3KxZA
Date: Tue, 16 May 2017 16:50:52 +0000
Message-ID: <DM5PR09MB1307185DAA5B12D76926FD0CF0E60@DM5PR09MB1307.namprd09.prod.outlook.com>
References: <CACknUNWs8_4pBWPJHNyzVjb+aT3mb1=MqWEnyoWPiOzkz7jZEA@mail.gmail.com>
In-Reply-To: <CACknUNWs8_4pBWPJHNyzVjb+aT3mb1=MqWEnyoWPiOzkz7jZEA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=nist.gov;
x-originating-ip: [129.6.251.1]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR09MB1305; 7:NYEzsqeJCaF8cKWJww+YYajO6YVNWvOseMCF+fXi8ivZGr73Ba8QLTzP/yKAHZ2CfGBGNczmw14JvN2Na4XClxKQMClf9kyKzOFJ/DTPRSWnbZNJm1Q52cOIorVNfZEgJAOzA7KppEOBV1P9f46GMikPKsmwq7czWGd5IzS60kZdbVg2ZLDa3BWQ5YCiB6L8fTjFNxtAuMT5E0KqCX2UWF7hLGBqzjq3QTSooB/mxFoTMQT+u+FgLVH5jS5dGDDEttHpnVwCNOL+PrdPAjCMTMPqi+12rj9oyWtYidrujlS/Hcs2AmyVHNd/5PTbYEN+c2J9fMQ8XQVnZNkuOw+C2Q==
x-ms-office365-filtering-correlation-id: 61a6d555-b5d5-4154-69ea-08d49c7bb6c7
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254075)(48565401081)(201703131423075)(201703031133081)(201702281549075); SRVR:DM5PR09MB1305;
x-microsoft-antispam-prvs: <DM5PR09MB13055C25900A6C481453E884F0E60@DM5PR09MB1305.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040450)(601004)(2401047)(8121501046)(5005006)(93006095)(93001095)(3002001)(10201501046)(6055026)(6041248)(20161123564025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123555025)(20161123558100)(6072148); SRVR:DM5PR09MB1305; BCL:0; PCL:0; RULEID:; SRVR:DM5PR09MB1305;
x-forefront-prvs: 03094A4065
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39850400002)(39840400002)(39400400002)(39860400002)(39410400002)(39450400003)(377454003)(50986999)(189998001)(76176999)(74316002)(54356999)(19609705001)(7906003)(7736002)(86362001)(575784001)(25786009)(3280700002)(229853002)(66066001)(2906002)(3660700001)(53546009)(39060400002)(478600001)(8676002)(122556002)(8936002)(81166006)(2900100001)(38730400002)(2950100002)(6246003)(7696004)(6506006)(6436002)(606005)(77096006)(9686003)(99286003)(53936002)(54896002)(55016002)(6306002)(236005)(33656002)(5660300001)(2501003)(790700001)(3846002)(6116002)(102836003)(966005); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR09MB1305; H:DM5PR09MB1307.namprd09.prod.outlook.com; FPR:; SPF:None; MLV:ovrnspm; PTR:InfoNoRecords; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_DM5PR09MB1307185DAA5B12D76926FD0CF0E60DM5PR09MB1307namp_"
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 May 2017 16:50:52.5943 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR09MB1305
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/aOOwACDnjrFXN1PzculI9cpzVtU>
Subject: Re: [sacm] Identifying Vulnerability Assessment Code
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 May 2017 16:55:11 -0000

Adam,

I’m planning on bringing a ROLIE implementation with me to the Hackathon that could fill the Vulnerability Detection Data Repository component. The ROLIE implementation could also provide arbitrary data to any component along the pipeline in order to simulation data input/output. I intend to pre-load the ROLIE server implementation with sample NVD data and sample SWID tags so that we have something for the other components to work with if need be.

Regards,
Stephen Banghart

From: sacm [mailto:sacm-bounces@ietf.org] On Behalf Of Adam Montville
Sent: Tuesday, May 16, 2017 9:07 AM
To: sacm@ietf.org
Subject: [sacm] Identifying Vulnerability Assessment Code

All:

Last week a list of goals were sent to this list [1]. I did see some back-channel conversation, but nothing that made its way to the list. Then, those are our stated goals, and it is now time to start considering what code may already exist for our agreed upon components. Once again, these components are listed at [2] and repeated here:

* Vulnerability Detection Data Repository
* Vulnerability Assessor
* Endpoint Repository
* Collector
* Target Endpoint
* Assessment Results Repository

We need to drive this to some conclusion relatively quickly. If you have or know of components filling these roles, please respond by the end of this week. Note that the target endpoint component will likely be determined based on which real-world vulnerability(ies) we choose to deal with as part of this exercise.

Kind regards,

Adam


[1] https://mailarchive.ietf.org/arch/msg/sacm/LskQ7tj9Wvy1-0DSlEN_VakYj64
[2] https://mailarchive.ietf.org/arch/msg/sacm/w_kL2vzDBPk0NN9N1WQcpb3Qwfw

v2.23.0 | Report a Bug | By Email