Attendees:
Agenda:
- Release 5 Issues
- Review current Lynis requirements
- Discuss current Vuls requirements
- Currently both Incubation, Maturity, and Core require CVSS score of 9.0-10.0 to be remediated.
- Define vuls, lynis, kube-hunter minimum version and database library requirements for Bluval and self running.
Latest vuls scanner version:
Rel 7/18/21 v0.15.13
- Rel 6/8/21 v0.15.12
Rel 4/5/21 v0.15.11
OVAL database should be updated to latest version to improve scanning accuracy.
msg="OVAL for ubuntu 18.04 is old, last modified is 2020-09-03 01:09:13.551580444 +0000 UTC. It's recommended to update OVAL to improve scanning accuracy. How to update OVAL database, see https://github.com/kotakanbe/goval-dictionary#usage"
https://github.com/kotakanbe/goval-dictionary#usage
The following vulnerability dictionaries exist:
- Alpine
- Amazon
- Debian
- Oracle
- Redhat (mandatory)
- Suse
- Ubuntu (mandatory)
- Lynis
Current Lynis version: 3.0.1 (build date 2020-06-26)
- Rel 7/22/21 v3.0.6
- Rel 7/2/21 v3.0.5
- Rel 5/11/21 v3.0.4
- Rel 1/7/21 v3.0.3
- Kube-Hunter
https://github.com/aquasecurity/kube-hunter/releases
- Rel 7/23/21 v0.6.1
- Rel 7/22/21 v0.6.0
- Rel 6/10/21 v0.5.2
- Open items