modSIC 1.7.2 released
modSIC 1.7.2 was released today with a number of bug fixes and a new feature to select an SSH port for assessments in Unix family machines.
Download the binary files at github repository:
Download modSIC Presentations
Hello,
Today we are uploading two presentations of modSIC. One, in english, is our latest webinar in 2011 and the other, in portuguese, is a small Speech in January 2012 at SINDPD-RJ, Brazil.
Please, download the files below:
modSIC Webinar (in English):
Análise com Padrões Abertos em Segurança da Informação (in Portuguese)
New code repository
Announcement:
This week we are changing our repository and documentation pages.
Now download the modSIC source code at Github
modSIC 1.7.1 released:
- Vast performance improvements.
- Suport for IBM DB2 assessment.
modSIC v1.7 Final
New Features:
- New graphical user interface for simple assessments;
- Support for external variables in the modSIC GUI;
- modSIC formats OVAL Results in an HTML file;
- Installer now provides a set of sample OVAL Definitions;
- New option in the installer to use a certificate for test purposes (only);
- New connector for .NET client applications.
A number of bugs were fixed;
Donwload now at modSIC codeplex page.
modSIC 1.7 Beta 2
A new modSIC beta release this week.
It fixes a bug in Windows file.content.test pattern match process.
Download it at Codeplex
Learn How an Open Source Solution can Automate IT Asset Assessments
Please join us for a free interactive webinar on October 25th at 2 PM ET to see how this innovative project enables any information security professional to download, use, and even develop automated “collectors” of IT asset risk information.
In 2010 Modulo Security, the leading IT Risk and Compliance software vendor, created an open source project to enable any company to conduct automated IT Asset assessments for free.
7th Annual IT Security Automation Conference
The 7th Annual IT Security Automation Conference will be held on October 31st – November 2nd.
More information about the conference can be found at: http://scap.nist.gov/events
We are planning to go at this year’s event.
OVAL Sample Kit Survey
UPDATE 2: The OVAL samples are ready in the modSIC full installation package.
UPDATE: Thanks for everybody who submitted a suggestion in our survey. Now we are preparing the OVAL Definitions Samples based on them.
For the modSIC project, we plan on creating a “sample kit” for users just starting out with the OVAL standard.
This kit is something we’ve wanted for a while now. We’ll create a few original OVAL Definitions that are both simple and objective, allowing modSIC users to immediately request collections.
We need to know what specialists in various fields hope to analyze through OVAL. We know that most are unaware of the possibilities (and limitations) of this language and we’d like to let you know that for the purposes of this survey this is a good thing. We hope to get back examples of requests that do not take into consideration the current solution.
modSIC 1.7 on the way!
To modSIC users and the entire OVAL community: We are finishing up development of the release 1.7 of modSIC Service, including some interesting features:
- We are preparing a dedicated connector. From now on we will versioning this Connector API separately from the modSIC Service.
- modSIC Service now prevents multiple assessments from taking place on the same target machine and periodically reschedules other requests.
- A great (yet simple) graphical user interface was created for sending requests to a modSIC server.
Many other improvements are on the way. Stay tuned.
modSIC 1.4 released
The modSIC v1.4 was released!
New Features:
- Added support for behavior (only multiline) for textfilecontent54_object
- Vast performance improvements in following tests :
- fileeffectiverights53_test
- regkeyeffectiverights53_test
- accesstoken_test
- user_test
- user_sid55_test
Known Issues:
- Client Console is unstable in UNIX environments.