[SCAP-On-Apple-Dev] [SCAP-On-Apple] Mac OS X proposed pkginfo OVAL Test.

Ron Colvin ron.colvin at nasa.gov
Sun Jul 21 12:19:10 PDT 2013


On 7/21/13 3:03 PM, Todd Heberlein wrote:
> My feeling is that
>
> system_profiler -xml SPApplicationsDataType
>
> is the best starting point, and with more experience and testing, 
> spiraling out from there.
>
I agree that is a very good starting point. In my view though security 
compliance needs to be able to monitor the current state of browser 
plugins, even when they are not discerned by Apple System Profiler. Is 
Java 7 installed and patched? Flash, Adobe Reader... Most of the current 
threats to endpoints are attacking plug-in vulnerabilities in the 
browser and that risk should be enumerated.

-- 

********************************************************
Ron Colvin CISSP, CAP, CEH
Certified Security Analyst
NASA - Goddard Space Flight Center
<ron.colvin at nasa.gov>
Direct phone 301-286-2451
NASA Jabber (rdcolvin at im.nasa.gov) AIM rcolvin13
NASA LCS (ronald.d.colvin at nasa.gov)
********************************************************
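
An added example, not part of the original message or of any SCAP tooling: one way to read plug-in versions directly from the bundles on disk, so the result does not depend on what System Profiler reports. The folder paths, the `Info.plist` keys consulted, and the baseline format are assumptions of this sketch.

```python
import plistlib
import re
from pathlib import Path
from xml.parsers.expat import ExpatError

# Assumed locations (not named in the thread): system-wide and per-user plug-in folders.
PLUGIN_DIRS = ["/Library/Internet Plug-Ins", "~/Library/Internet Plug-Ins"]

def version_key(text):
    """'1.7.0_25' -> (1, 7, 0, 25); trailing zeros dropped so 11.8 == 11.8.0."""
    parts = [int(n) for n in re.findall(r"\d+", str(text))]
    while parts and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def read_bundle(bundle):
    """Read identity and version straight from the bundle's Info.plist."""
    record = {"path": str(bundle), "id": None, "version": None, "error": None}
    try:
        with open(bundle / "Contents" / "Info.plist", "rb") as fh:
            info = plistlib.load(fh)
        record["id"] = info.get("CFBundleIdentifier")
        record["version"] = (info.get("CFBundleShortVersionString")
                             or info.get("CFBundleVersion"))
    except (OSError, ValueError, AttributeError, ExpatError) as exc:
        # A bundle that cannot be read is still reported, never silently skipped.
        record["error"] = type(exc).__name__
    return record

def inventory(dirs=PLUGIN_DIRS):
    """Return one record per bundle directory found under the plug-in folders."""
    records = []
    for folder in (Path(d).expanduser() for d in dirs):
        if folder.is_dir():
            records += [read_bundle(p) for p in sorted(folder.iterdir()) if p.is_dir()]
    return records

def below_baseline(records, baseline):
    """Records whose bundle id is in the baseline but whose version is missing or lower."""
    flagged = []
    for rec in records:
        minimum = baseline.get(rec["id"])
        if minimum and (rec["version"] is None
                        or version_key(rec["version"]) < version_key(minimum)):
            flagged.append(rec)
    return flagged

if __name__ == "__main__":
    for rec in inventory():
        print(rec)
```

The baseline passed to `below_baseline` maps a bundle identifier to the minimum acceptable version; records with a non-empty `error` field need manual review because their version could not be determined.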
