sagacity
sagacity copied to clipboard
cyberperspectives
Security Assessment Data Management and Analysis Tool
Related to #24 Catalog Management Improvements The offline installation process is still pretty kludgy. There is a message in the wizard that you should put the offline files in {document_root}/tmp,...
Add the ability to download and parse CCIs to update_db.php (--cci flag) https://iase.disa.mil/stigs/cci/pages/index.aspx
We are seeing more systems where they are using 3rd party software to provide host based firewall. Disable the automatic setting of the MS FW STIG. In the future maybe...
On the catalog management page add buttons for download, offline and update Download does an download only of all required files for offline installation, equivalent to update_db.php --cpe --nvd --stig...
When importing a .ckl file, Sagacity does not assign the OS or scanned checklist to the host. Stig information is contained in: version 1 classification UNCLASSIFIED customname stigid Windows_10_STIG There...
New Feature - target specific hosts for manual testing (under random or selective sampling) and have the ability to only export E-Checklists for those hosts to perform manual testing on....
On the Catalog Management page, include catalog status information, possibly last date updated, record count, etc. for STIGS, NVD, CVEs, CWEs, Nessus Plugins, OpenVAS plugins, Exploit-DB, Metasploit, vendor advisories, etc....
Add a database backup and restore button in the Management/Settings page. Should provide the ability to specify a backup location. Default filename should include hostname and date stamp.
Matt - It would be nice if we could edit a target or import new data and not have to re-expand all our categories.
When importing an eChecklist and creating a host, be sure to set the classification of the host based on the classification markings of the eChecklist..
Metadata
Owner
Metadata
Security Assessment Data Management and Analysis Tool