[Ann] An application of the CVE and ICAT
Dear Board members,
I thought that the following announcement might be of some interest to you (I asked Steve to make sure). I hope that you find it useful, or know someone who will. Please forward it as you wish.
CERIAS launches the Cassandra tool
Cassandra is a tool made to manage profiles of services and applications on servers and networks. With these profiles, it searches a local copy of NIST's ICAT database for vulnerabilities. Searches can be automated to run every night, and to email the results.
Because users may not want a list of vulnerabilities, relevant to their systems, to be sent in clear text email, there is the option of only getting a notification that new vulnerabilities have been found. With an SSL connection, a list can be retrieved from the Cassandra web site.
Cassandra can also do searches by time intervals, keywords, and for products that are not yet in the ICAT database. This provides you with a reasonable assurance that you will get notified if a new vulnerability is found in a product that is not yet listed by ICAT.
The Center for Education and Research in Information Assurance and Security (CERIAS) gratefully acknowledges the contributions of its sponsors, and NIST for classifying CVE and CAN entries into ICAT and making the full ICAT database available to CERIAS.
Cassandra is available at:
Pascal Meunier, Ph.D., M.Sc.
Assistant Research Scientist
CERIAS, REC 207