Compatibility Questionnaire: ThreatGuard (ThreatGuard On Demand 1.0) — Archive
Important: The OVAL Compatibility Program was moved to "archive" status in December 2009, and replaced with the "OVAL Adoption Program." Under the OVAL Adoption Program product validation is performed by an external organization, allowing the OVAL Team to focus on educating vendors on best practices regarding the use and implementation OVAL and on how OVAL can continue to evolve as needed by the community.
Refer to the OVAL Adoption Program section for addition information and to review all products and services listed.
Organizational Information
Name of Your Organization:
Web Site:
Product Information
Product/Service Name:
Compatible Categories:
OVAL Results Producer
Product/Service Home Page:
Product Accessibility
Language Version Indication
Approach for Correction of Errors
Compatibility Documentation
About OVAL
Open Vulnerability and Assessment Language (OVAL) is an international, information security community baseline standard for how to check for the presence of vulnerabilities and configuration issues on computer systems. OVAL standardizes the three main steps of the process: collecting system characteristics and configuration information from systems for testing; testing the systems for the presence of specific vulnerabilities, configuration issues, and/or patches; and presenting the results of the tests.
For more information on the OVAL project, please reference "http://oval.mitre.org/about/". Details about OVAL-Compatibility and OVAL-ID Compatibility can be found at "http://oval.mitre.org/compatible/index.html".
Language Support
Finding Elements Using OVAL
Finding Vulnerabilities by OVAL ID
The ThreatGuard Navigator allows you to search for vulnerabilities by OVAL ID. The bottom, left-hand corner of the main window has a Search pane as shown at the top of Figure D1. Adjust the search parameter to "OVAL ID", type in the OVAL ID of interest and click the Search button. The Search Results window (also shown in Figure D1) is displayed, holding the title, description, and solution for the vulnerability, as well as all related hosts.
OVAL Content Importation Process Explanation
Statement of Compatibility
Have an authorized individual sign and date the following Compatibility Statement (required):
"As an authorized representative of my organization I agree that we will abide by all of the mandatory Compatibility Requirements as well as all of the additional mandatory Compatibility Requirements that are appropriate for our specific type of capability."
Name: | Robert L. Hollis | |
Title: | Director of Product Development |
Statement of Accuracy
Have an authorized individual sign and date the following accuracy Statement (recommended):
"As an authorized representative of my organization and to the best of my knowledge, there are no errors in the correctness of our capability's use of OVAL schema and logic."
Name: | Robert L. Hollis | |
Title: | Director of Product Development |
Statement on Follow-on Correctness Testing Support
Have an authorized individual sign and date the following statement about your organizations willingness to support correctness testing of other capabilities, which will be managed by the Reviewing Authority and kept to reasonable levels of effort for all involved. (required):
"As an authorized representative of my organization, we agree to support the Review Authority in follow-on correctness testing activities, where appropriate types of OVAL documents might need to be exchanged with other organizations attempting to prove the correctness of their capabilities."
Name: | Robert L. Hollis | |
Title: | Director of Product Development |
Page Last Updated: December 17, 2009