Page History

...

1.  Release 5 Issues
2.  Review current Lynis requirements
3.  Maturity review for The AI Edge: School/Education Video Security Monitoring liya yu.  Need to add column requesting security log files for review.  Also, need to check back through emails to see where this stands, nothing has happened in at least the last couple of months.
4.  Discuss current Vuls requirements
   1. Currently both Incubation, Maturity, and Core require CVSS score of 9.0-10.0 to be remediated.
5.  Define vuls, lynis, kube-hunter minimum version and database library requirements for Bluval and self running.

   1. Latest vuls scanner version:

      1. Rel 7/18/21 v0.15.13

      2. Rel 6/8/21   v0.15.12

      3. Rel 4/5/21   v0.15.11

      4. https://github.com/future-architect/vuls/releases

   2. OVAL database should be updated to latest version to improve scanning accuracy.

      
      

      msg="OVAL for ubuntu 18.04 is old, last modified is 2020-09-03 01:09:13.551580444 +0000 UTC. It's recommended to update OVAL to improve scanning accuracy. How to update OVAL database, see https://github.com/kotakanbe/goval-dictionary#usage"

              https://github.com/kotakanbe/goval-dictionary#usage

              The following vulnerability dictionaries exist:

      • Alpine
      • Amazon
      • Debian
      • Oracle
      • Redhat (mandatory)
      • Suse
      • Ubuntu (mandatory)

             

   3. Lynis

      1. Current Lynis version:  3.0.1 (build date 2020-06-26)

         https://cisofy.com/changelog/lynis/

      2. Rel 7/22/21 v3.0.6
      3. Rel 7/2/21   v3.0.5
      4. Rel 5/11/21 v3.0.4
      5. Rel 1/7/21   v3.0.3
   4. Kube-Hunter

      https://github.com/aquasecurity/kube-hunter/releases

      1. Rel 7/23/21  v0.6.1
      2. Rel 7/22/21  v0.6.0
      3. Rel 6/10/21  v0.5.2
6.  Open items

...