Devices are not permanently in the list after an OVAL scan and we could not create a full report for vulnerability management.
Root cause :
No OVAL results available: Results are deleted when OVAL definitions are updated.
Keep an history of all devices in OVAL Device Compliance after each OVAL definition updates.13 votes
Ability to create an update schedule based solely on Oval results.
1) Oval run
2) Oval reports X issues with computers
3) Click the button check box on the report (obviously need an interactive report) marked 'add to oval remediation schedule'
4) Targeted updates and patches go out to those machines that have the fixable vulnerabilities that have been checked.12 votes
In the OVAL Scan Reports, please provide also the severity levels so in this way, as professional support team, we can prioritize with vulnerability and schedule a patch to all effected client workstation/server.12 votes
This would be EXTREMELY useful. Oval testing cannot be automated at our company until we can create multiple schedules to accommodate our many departments and special needs groups
Oval testing is a not a legitimate feature without multiple schedules. Without this feature people will not really use this very useful feature..6 votes
Prohibit definition updates while a scan is in progress, and allow specified report(s) to be run automatically after scan completes.
Since the data from OVAL scans can be removed at any given time, there should be some kind of protection for active scans and allowing them to complete and be reported on before the definitions can be updated.3 votes
Rank vulnerabilities by severity and include a report that lists vulnerabilities by their severity. Allow the option to accept a vulnerability with comment.1 vote
- Don't see your idea?