modSIC 1.8.5

[Bug Fix] The modSIC probe that checks for the Cisco IOS version and its platform was fixed.

Click to download installer

modSIC 1.8.4

This week a new version of the modSIC Service was released with the following improvements:

1. Optimization of the logging process: errors when collecting System Information are audited.
2. Support for Behavior Singleline in filecontent_object without conflicting with Behavior Multiline.

Note: Modulo Risk Manager users must obtain and install the latest knowledge packages before using this version of modSIC.

Download the installer here

modSIC 1.8.3

Finally, a major public release of modSIC:
  • [Bug Fix] <auditeventpolicysubcategories_test> now collects the remote target properly. In the Windows target machine, enable the “Remote Registry” service and give the assessment user read-only permissions to the Hive Key: HKLM\security registry.
  • [Bug Fix] NLog now is enabled, registering “error log level” events on f1.log file by default.
  • [Bug Fix] Support for Cisco IOS users without requiring credentials for the ENABLE command.
  • [Bug Fix] Fixed problems with Regex that limited the use of multiline behavior.
  • [Bug Fix] Fixed some permission issues under <accesstoken_test>.
  1. Changed the SharpSSH by the SSH.NET to support many different cipher algorithms.
  2. Tested against Windows 8 target machines. It’s important to allow the assessment user to run remote WMI queries (disabled by default on Windows 8).
Attention! github is no longer supporting the binary download section. From now on, all modSIC installation packages will be available at modsic.org.

modSIC 1.7.4

Today, a fast release of modSIC:

  • [Bug Fix] Add treatment for state referencing a variable with multiple values. Now, a test that reference a state that point to a variable with
    multiple values will be answered as unknown.
  • Added Release Notes file.

Download the binary files at github repository:

https://github.com/modulogrc/modSIC/downloads

modSIC 1.7.3

modSIC 1.7.3 was released with a many bug fixes an tools for helping the debug process:

  • Now, modSIC will restart a collection that is taking too long.
  • An nlog.config file was added to the installer, enabling verbose logging.
  • Treatment was developed for a certificate in which the private key could not be obtained.

Download the binary files at github repository:

https://github.com/modulogrc/modSIC/downloads

modSIC 1.7.2 released

modSIC 1.7.2 was released today with a number of bug fixes and a new feature to select an SSH port for assessments in Unix family machines.

Download the binary files at github repository:

https://github.com/modulogrc/modSIC/downloads

Download modSIC Presentations

Hello,

Today we are uploading two presentations of modSIC. One, in english, is our latest webinar in 2011 and the other, in portuguese, is a small Speech in January 2012 at SINDPD-RJ, Brazil.

Please, download the files below:

modSIC Webinar (in English):

Modsic_Webinar_PPTX

Análise com Padrões Abertos em Segurança da Informação (in Portuguese)

Modsic_SINDPDRJ_PDF

Modsic_SINDPDRJ_ODP

New code repository

Announcement:

This week we are changing our repository and documentation pages.

Now download the modSIC source code at Github

modSIC 1.7.1 released:

- Vast performance improvements.

- Suport for IBM DB2 assessment.

modSIC v1.7 Final

New Features:

  1. New graphical user interface for simple assessments;
  2. Support for external variables in the modSIC GUI;
  3. modSIC formats OVAL Results in an HTML file;
  4. Installer now provides a set of sample OVAL Definitions;
  5. New option in the installer to use a certificate for test purposes (only);
  6. New connector for .NET client applications.

A number of bugs were fixed;

Donwload now at modSIC codeplex page.

modSIC 1.7 Beta 2

A new modSIC beta release this week.

It fixes a bug in Windows file.content.test pattern match process.

Download it at Codeplex