SACM Vulnerability Assessment Scenario
draft-ietf-sacm-vuln-scenario-02
Document Type Expired Internet-Draft (sacm WG)
Authors Chris Coffin  , Brant Cheikes  , Charles Schmidt  , Daniel Haynes  , Jessica Fitzgerald-McKay  , David Waltermire 
Last updated 2017-03-13 (latest revision 2016-09-09)
Replaces draft-coffin-sacm-vuln-scenario
Stream IETF
Intended RFC status Informational
Formats
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream WG state Submitted to IESG for Publication
Document shepherd Adam Montville
Shepherd write-up Show (last changed 2016-10-18)
IESG IESG state Expired (IESG: Dead)
Action Holders
(None)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Kathleen Moriarty
Send notices to "Adam Montville" <adam.w.montville@gmail.com>
Email authors Email WG IPR References Referenced by Nits

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-ietf-sacm-vuln-scenario-02.txt

Abstract

This document describes an automated enterprise vulnerability assessment scenario aligned with the SACM Use Cases. The scenario assumes the existence of endpoint management capabilities and begins with an enterprise ingesting vulnerability description information. Endpoints are assessed against the vulnerability description information based on a combination of examining known endpoint characterization information and collected endpoint information.

Authors

Chris Coffin (ccoffin@mitre.org)
Brant Cheikes (bcheikes@mitre.org)
Charles Schmidt (cmschmidt@mitre.org)
Daniel Haynes (dhaynes@mitre.org)
Jessica Fitzgerald-McKay (jmfitz2@nsa.gov)
David Waltermire (david.waltermire@nist.gov)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)

RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools