Skip to Main Content
Vulnerability Management
book

Vulnerability Management

by Park Foreman
August 2009
Intermediate to advanced content levelIntermediate to advanced
347 pages
9h 16m
English
Auerbach Publications
Content preview from Vulnerability Management
teChnology 131
is a set of standards designed to support automation of VM, com-
pliance management, and other security functions. We have already
discussed some of those standards, which include OVAL, CVE, and
CVSS. ere are three items we have not discussed: CCE and CPE,
which concern target enumeration, and XCCDF, which provides
checklists for target evaluation and standard formats for reporting.
CCE refers to Common Configuration Enumeration identifiers.
ese are identifiers used to correlate checks performed on system
configurations with documents and tools that provide related infor-
mation. CCE identifiers will not be discussed in depth except to sug-
gest reviewing the CCE lists provided by Mitre Corporation.
4.11.1 CPE
Common Platform Enumeration ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Vulnerability Management, 2nd Edition

Vulnerability Management, 2nd Edition

Park Foreman

Publisher Resources

ISBN: 9781439801512