Vulnerability Feed
A vulnerability feed is a synchronizable list of data and scripts used to check for vulnerabilities.
- also known as plug-ins or network vulnerability tests (NVTs)
- forms an important part of scan vendors’ commercial models
- latest updates require a valid subscription
- uses common identifiers to facilitate sharing of intelligence data across different platforms
- scanners use the Security Content Automation Protocol (SCAP) to obtain feed or plug-in updates (scap.nist.gov)
  - a NIST framework that outlines various accepted practices for automating vulnerability scanning
  - provides a mechanism for distributing the feed
  - defines ways to compare the actual configuration of a system to a target-secure baseline
  - defines various systems of common identifiers