| Language for the open definition of vulnerabilities and for the assessment of a system state |
 |
Recommendation ITU-T X.1526 on the language for the open definition of vulnerabilities and for the assessment of a system state (also known as, open vulnerability and assessment language, (OVAL)) includes the three main steps of the assessment process: representing configuration information of endpoints for testing; analysing the endpoint for the presence of the specified machine state (vulnerability, configuration, patch state, etc.) and reporting the results of this assessment. The purpose of OVAL is to provide an international, information security, community standard to promote open and publicly available security content and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL is a language used to encode endpoint details, and an assortment of content repositories held throughout the community. |
|
| Citation: |
https://handle.itu.int/11.1002/1000/12039 |
| Series title: |
X series: Data networks, open system communications and security
X.1500-X.1599: Cybersecurity information exchange
X.1520-X.1539: Vulnerability/state exchange |
| Approval date: |
2014-01-24 |
| Provisional name: | X.oval |
| Approval process: | TAP |
|
Status: |
In force |
|
Maintenance responsibility: |
ITU-T Study Group 17 |
|
Further details: |
Patent statement(s)
Development history
|
|
|
| Title |
Approved on |
Download |
|
Guidelines for identity-based cryptosystems used for cross-domain secure communications
|
2023
|
here
|
|
Overview of hybrid approaches for key exchange with quantum key distribution
|
2022
|
here
|
|
Guidelines for security management of using artificial intelligence technology
|
2022
|
here
|
|
Successful use of security standards (2nd edition)
|
2020
|
here
|
|
Description of the incubation mechanism and ways to improve it
|
2020
|
here
|
|
Strategic approaches to the transformation of security studies
|
2020
|
here
|
|
