SACM Vulnerability Assessment Scenario
draft-ietf-sacm-vuln-scenario-02
Document Type Expired Internet-Draft (sacm WG)
Last updated 2017-03-13 (latest revision 2016-09-09)
Replaces draft-coffin-sacm-vuln-scenario
Stream IETF
Intended RFC status Informational
Formats
Expired & archived
plain text pdf html bibtex
Stream WG state Submitted to IESG for Publication
Document shepherd Adam Montville
Shepherd write-up Show (last changed 2016-10-18)
IESG IESG state Expired (IESG: Dead)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Kathleen Moriarty
Send notices to "Adam Montville" <adam.w.montville@gmail.com>
Email authors IPR References Referenced by Nits

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-ietf-sacm-vuln-scenario-02.txt

Abstract

This document describes an automated enterprise vulnerability assessment scenario aligned with the SACM Use Cases. The scenario assumes the existence of endpoint management capabilities and begins with an enterprise ingesting vulnerability description information. Endpoints are assessed against the vulnerability description information based on a combination of examining known endpoint characterization information and collected endpoint information.

Authors

Chris Coffin (ccoffin@mitre.org)
Brant Cheikes (bcheikes@mitre.org)
Charles Schmidt (cmschmidt@mitre.org)
Daniel Haynes (dhaynes@mitre.org)
Jessica Fitzgerald-McKay (jmfitz2@nsa.gov)
David Waltermire (david.waltermire@nist.gov)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)

ISOC IETF Trust RFC Editor IRTF IESG IETF IAB IASA & IAOC IETF Tools IANA