|
|
WINS Co., Ltd.
http://www.wins21.co.kr
SecureCAST Vulnerability Database
http://securescast.co.kr
Provide a short description of how and where your capability is made available to your customers and the public (required):
SecureCAST web site, a vulnerabilities database (DB), is an open site. SecureCAST can be accessed online with a standard web browser at http://securescast.co.kr.
Describe how and where your capability indicates the most recent CVE version used to create or update its mappings (required):
Every day CERT team members at WINS monitor vulnerabilities with CVE code to mapping. After, we set up a CVE code route link when we make a help. Also we provide CVE Contents in CVE Information categories in the SecureCAST vulnerability database.
Indicate how often you plan on updating the mappings to reflect new CVE versions and describe your approach to keeping reasonably current with CVE versions when mapping them to your repository (required):
Everyday CERT team members at WINS monitor the help of product’s vulnerabilities which can’t find the CVE code. After monitoring, the members update link about CVE code route. In addition, we keep up to date with the contents at CVE Information categories of SecureCAST by parsing xml file provided at http://nvd.nist.gov/download.cfm.
Describe how and where you explain to your customers the timeframe they should expect an update of your capability’s mappings to reflect newly available CVE content (required):
The update process starts after a new CVE version is released. The CVE of SecureCAST DB is provided by parsing a modified.xml and a recent.xml at MITRE (http://nvd.nist.gov/download.cfm) at 6:00 a.m. every morning.
Describe the criteria used for determining the relevance of a given CVE Identifier to your Capability (required):
We are based on information of MAPP and trusted web site to provide vulnerabilities such as Secunia and SecurityFocus.
Describe the mechanism used for reviewing CVE for content changes (required):
CERT team members at WINS monitor web site to provide vulnerabilities every day. CVE contents are available to respond to changes of CVE contents on account of offer in the form of link.
Describe the source of your CVE content (required):
We collect the CVE content from the CVE and NVD web site. We also collect it from the CERT team at WINS and other security information web sites.
Provide a copy, or directions to its location, of where your documentation describes CVE and CVE compatibility for your customers (required):
SecureCAST has direct hyper-links to the CVE content and users can find out all about CVE through these links.
Provide a copy, or directions to its location, of where your documentation describes the specific details of how your customers can use CVE names to find the individual security elements within your capability’s repository (required):
By using the detailed search function in vulnerability information page and search function in CVE information page at vulnerability Database of SecureCAST. Users are able to conduct a search using CVE identifiers as the keyword.
[Figure.4] Detailed search function in vulnerability information page[Figure.5] Detailed search field[Figure.6] SecureCAST CVE information Web Page
Provide a copy, or directions to its location, of where your documentation describes the process a user would follow to find the CVE names associated with individual security elements within your capability’s repository (required):
CVE identifiers are displayed in the "CVE ID" section within each vulnerability information pages and CVE identifiers are displayed in the CVE information pages.
[Figure.7] Vulnerability information page at Vulnerability Database[Figure.8] Each vulnerability information page[Figure.9] CVE information page at vulnerability Database
Give detailed examples and explanations of how a user can locate tasks in the tool by looking for their associated CVE name (required):
By using the SecureCAST web site, users may get tasks information. By using the detailed search function in vulnerability information page and search function in CVE information page at Vulnerability Database of SecureCAST. Users are able to conduct a search using CVE identifiers as the keyword and get tasks information. (vulnerability code #)
Describe the steps that a user would follow to browse, select, and deselect a set of tasks for the tool by using individual CVE names (recommended):
Please refer to <CR_A.2.1>
Give detailed examples and explanations of the different ways that a user can use CVE names to find out which security elements are tested or detected by the service (i.e. by asking, by providing a list, by examining a coverage map, or by some other mechanism) (required):
- Step1 : Go to http://securecast.co.kr
- Step2 : Input Id and Password.
- Step3 : Go to the vulnerability page.
- Step4 : Search any CVE name
[Figure.28] SecureCAST Main Page[Figure.29] Login Page[Figure.30] Vulnerability page[Figure.31] Search the any CVE name[Figure.32] Result page
Give detailed examples and explanations of how, for reports that identify individual security elements, the user can determine the associated CVE names for the individual security elements in the report (required):
Please refer to A.4.2.
Please provide the name and version number of any product that the service allows users to have direct access to if that product identifies security elements (recommended):
SecureCAST 7.0
Give detailed examples and explanations of how a "find" or "search" function is available to the user to locate tasks in the online capability by looking for their associated CVE name or through an online mapping that links each element of the capability with its associated CVE name(s) (required):
By using the detailed search function in vulnerability information page and search function in CVE information page at Vulnerability Database of SecureCAST.
1. Vulnerability information page
Users can use the keyword search to search for a specific CVE ID as shown below.
- Step1. Click on the detailed search function button.
- Step2. Put the CVE ID into the CVE ID field.
- Step3. Click on the search button.
[Figure.33] Detailed search function in vulnerability information page[Figure.34]Put the "CVE-2010-2755" into the detailed search field[Figure.35] Click on the search buttonOnce the user clicks on the search button, then the results will be generated and CVE will be displayed.
[Figure.36] Result page2. CVE information page
Users can use the keyword search to search for a specific CVE ID as shown below:
- Step1. Put the CVE ID into the search bar
- Step2. Click on the search button.
[Figure.37] SecureCAST CVE information Web Page[Figure.38] Put the "CVE-2010-2909" into the search barOnce the user clicks on the search button, then the results will be generated and CVE will be displayed.
[Figure.39] Result pageAs you have seen, The CVE information page is the special page to see all of CVE information. Therefore, if you want to see the information of specific CVE ID, you just look the page up and down to get related information of CVE ID.
Provide a detailed description of how someone can use your "URL template" to interface to your capability’s search function (recommended):
Examples:
- http://www.example.com/cgi-bin/db-search.cgi?cvename=CVE-YYYY-NNNN
- http://www.example.com/cve/CVE-YYYY-NNNN.html
Users put the "URL template" into the address bar. For example, someone put the http://securecast.co.kr into the address bar then someone put the id and password into the field. After that, the user can access the out capability’s search function.
Web site: http://securecast.co.kr
If the URL template is for a CGI program, does it support the HTTP "GET" method? (recommended):
YES
Give detailed examples and explanations of how, for reports that identify individual security elements, the online capability allows the user to determine the associated CVE names for the individual security elements in the report. (required):
CVE identifiers are displayed in the "CVE ID" section within each vulnerability information pages and CVE identifiers are displayed in the CVE information pages.
The CVE ID on Each vulnerability information page is hyperlinks to the CVE web page that corresponds to the CVE ID.
[Figure.40] Vulnerability information page at Vulnerability Database[Figure.41] Hyperlinked CVE ID on Each vulnerability information pages[Figure.42] The CVE web page that corresponds to the CVE ID[Figure.43] CVE information page at vulnerability Database
If details for individual security elements are not provided, give examples and explanations of how a user can obtain a mapping that links each element with its associated CVE name(s), otherwise enter N/A (required):
All of our CVE ID references are hyperlinks to the CVE webpage that corresponds to the CVE ID. Go to the SecureCAST web page which is vulnerability DB. Then go to the CVE information page and vulnerability information page and the user will be able to find the online CVE information for that specific ID.
Give detailed examples and explanations of how a user can associated elements in the capability by looking for their associated CVE name (required):
See <CR_A.4.2>.
Give detailed examples and explanations of how, for reports that identify individual security elements, the capability allows the user to determine the associated CVE names for the individual security elements in the report (required):
See <CR_A.4.2>.
Give detailed examples and explanations of how a user can obtain a listing of all of the CVE names that are associated with the capability’s tasks (recommended):
See <CR_A.4.2>.
Provide details about the different electronic document formats that you provide and describe how they can be searched for specific CVE-related text (required):
The primary method for accessing SecureCAST is through its web interface found at http://securecast.co.kr . Entering the CVE name as the keyword in the search field found on vulnerabilities DB at SecureCAST, will return any associated security elements that match the search parameter.
If one of the capability’s standard electronic documents only lists security elements by their short names or titles provide example documents that demonstrate how the associated CVE names are listed for each individual security element (required):
The associated CVE name is listed prominently in the "CVE ID" section of a vulnerability information page and CVE information page on vulnerabilities DB at SecureCAST.
Provide example documents that demonstrate the mapping from the capability’s individual elements to the respective CVE name(s) (recommended):
Example Documents are here.
[Figure.44] Screenshot on Vulnerabilities information page at Vulnerability DB[Figure.45] Screenshot on CVE information page
Give detailed examples and explanations of how the GUI provides a "find" or "search" function for the user to identify your capability’s elements by looking for their associated CVE name(s) (required):
The SecureCAST GUI provides a keyword search located on vulnerability information page and CVE information page at vulnerability DB of SecureCAST. Entering the CVE name as the Keyword in the search field found on SecureCAST, will return any associated security elements that match the search parameter.
[Figure.46] Detailed search function in vulnerability information page[Figure.47] Detailed search field[Figure.48] SecureCAST CVE information Web Page
Briefly describe how the associated CVE names are listed for the individual security elements or discuss how the user can use the mapping between CVE entries and the capability’s elements, also describe the format of the mapping (required):
The CVE name is displayed in the "CVE ID" section within each vulnerability countermeasure information page.
Provide details about the different electronic document formats that you provide for exporting or accessing CVE-related data and describe how they can be searched for specific CVE-related text (recommended):
SecureCAST provide searchable asp output.
Have an authorized individual sign and date the following Compatibility Statement (required):
"As an authorized representative of my organization I agree that we will abide by all of the mandatory CVE Compatibility Requirements as well as all of the additional mandatory CVE Compatibility Requirements that are appropriate for our specific type of capability."
Name: Ji-Sang Hwang
Title: