Home » Products » SCAP Sync » SCAP Sync Content Feed

SCAP Sync Content Feed

Over the weekend, Lunarline rolled out several new features to SCAP Sync. In this post, I am going to point out three of my favorite new features: it is easier to use, it has a feed for monitoring updated SCAP content, and it has version history for SCAP Content.

By the way, if you are going to be at the ITSAC conference in Baltimore this week, please come say hello! We are speaking about SCAP Sync from 2:30 – 3:00 on Wednesday, October 3rd in Room 344. We also have a booth for the duration of the conference. Our booth is #19, which is along the left wall as you enter the exhibitors’ hall.

Easier To Use

One of our primary motivations for building SCAP Sync was to simplify and demystify SCAP for the average security practitioner. Therefore, we have tried to eliminate reliance on specialized SCAP terminology and use more general IT terminology throughout. For example, instead of using the terms CVE and CWE, we now use the terms Vulnerability and Weakness. This change is very obvious on our search screen, where the filters and results use this simplified terminology.

simplified search results

Simplified Search Results

In addition to simplified terminology, we have also included new online help that describes how to use the search engine and provides some examples of useful types of activities that can be done with SCAP Sync.

built-in help

Built-in help for searching and using SCAP Sync.

You can click on the “Search” button next to any of the examples to actually run that search and see the results. We will continue to add and enhance the help documentation on SCAP Sync, because we view this as a critical step towards making SCAP easier to understand and use.

SCAP Content Update Feed

The next feature is really exciting – and nobody else is doing this!

One of the original motivations for creating SCAP Sync was to provide access to the freshest SCAP content. Therefore, SCAP Sync now includes a daily feed for new and updated SCAP Content. The daily feed lets you keep track of when changes are introduced to SCAP content. For example, you can stay current on new vulnerability disclosures released by NIST, new products added to the CPE dictionary, etc.

the SCAP Sync daily feed

Daily Update Feed

In addition to viewing this information on the web, you can also view this feed using an RSS client such as Google Reader.

RSS daily feed

Viewing the feed in an RSS client.

We think this is a really cool new feature, and we are offering this service for free on SCAP Sync, starting today!

Version History

Although we released SCAP Sync to the public on August 3rd, our crawler had already been quietly running since July 12th. Each day, the crawler checked for updated content that was published by NIST or MITRE. Whenever the crawler discovered a modified piece of content, instead of overwriting the old version with the new version, the crawler actually kept both versions in its database.

When we first launched, we enabled users to view the most recent version of each piece of SCAP content, and we kept the older versions hidden away. Starting today, we are making all of those older versions available to view on SCAP Sync. If a piece of SCAP content has older versions available, that will be indicated near the top of the screen.

an example of SCAP content with versions

A vulnerability that has version history.

Clicking on this link will bring up the version history for this piece of content. The version history shows the date and time that our crawler noticed the change. You can click on any previous version to view it. (View an example.)

example of version history

Version history for CVE-2012-1467.

You can also compare two versions side by side. This side-by-side comparison feature is targeted at advanced users: if you are familiar with Wikipedia’s version history for articles or you are a programmer, then you will feel right at home with SCAP Sync’s version history. The side-by-side view compares the raw, XML format of SCAP content. This view makes it easy to highlight the differences between two versions. For example, we can see when NIST updates the vulnerability score for a vulnerability or adds additional references.

Conclusion

In addition to these 3 new features, we have also made numerous subtle tweaks in order to make SCAP Sync easy, fast, and elegant. Please try it out and let us know what you think by leaving a comment below!

About Mark Haase

Mark Haase is the head of product engineering at Lunarline. This is a fancy way of saying that he hires people smarter than him to do the real work, then basks in the glory naturally associated with all IT software.