You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Attendees:



Agenda:

  1.  Release 5 Issues
  2.  Review current Lynis requirements
  3.  Discuss current Vuls requirements
    1. Currently both Incubation, Maturity, and Core require CVSS score of 9.0-10.0 to be remediated.
  4.  Define vuls, lynis, kube-hunter minimum version and database library requirements for Bluval and self running.

    1. Latest vuls scanner version:

      1. Rel 7/18/21 v0.15.13

      2. Rel 6/8/21   v0.15.12

      3. Rel 4/5/21   v0.15.11

      4. https://github.com/future-architect/vuls/releases

    2. OVAL database should be updated to latest version to improve scanning accuracy.


      msg="OVAL for ubuntu 18.04 is old, last modified is 2020-09-03 01:09:13.551580444 +0000 UTC. It's recommended to update OVAL to improve scanning accuracy. How to update OVAL database, see https://github.com/kotakanbe/goval-dictionary#usage"

              https://github.com/kotakanbe/goval-dictionary#usage

              The following vulnerability dictionaries exist:

      • Alpine
      • Amazon
      • Debian
      • Oracle
      • Redhat (mandatory)
      • Suse
      • Ubuntu (mandatory)

             

    3. Lynis

      1. Current Lynis version:  3.0.1 (build date 2020-06-26)

        https://cisofy.com/changelog/lynis/

      2. Rel 7/22/21 v3.0.6
      3. Rel 7/2/21   v3.0.5
      4. Rel 5/11/21 v3.0.4
      5. Rel 1/7/21   v3.0.3
    4. Kube-Hunter

      https://github.com/aquasecurity/kube-hunter/releases

      1. Rel 7/23/21  v0.6.1
      2. Rel 7/22/21  v0.6.0
      3. Rel 6/10/21  v0.5.2
  5.  Open items


  • No labels