When drilling down into a vulnerability in an oval report, we found the patch associated with that threat was marked inactive, a decision made because it had been superceded by another patch (which was active). Shouldn't the machines that have the more recent patch be shown in the report as not vulnerable to the particular threat? thanks, Owen
0 Comments   [ - ] Hide Comments


Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
Answer this question or Comment on this question for clarity


I would recommend not using the OVAL scanner in the KBox. I haven't found it that accurate or helpful. Instead, we are using OpenVAS from an Ubuntu vm for our internal vulnerability scans, which covers non-Windows machines as well.
Answered 02/21/2011 by: zookdj
Second Degree Blue Belt

Please log in to comment