fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com

Map SUSE and Oracle Linux OVALs for vulnerability scanning of those distros #21384

Open iansltx opened 2 months ago

iansltx commented 2 months ago

Problem

Oracle Linux and SUSE have OVALs readily available, but we don't include them in our OVAL-based vulnerability scanning.

Potential solutions

Both OSes use RPMs so implementation effort shouldn't be massive (basically add as supported, then add OVAL mappings to the nvd repo).

What is the expected workflow as a result of your proposal?

OVAL scans handle vulnerabilities in the above distros.

Other Notes

Based on existing installed base/telemetry, probably a low priority, but if there's a potential customer with OL or SUSE endpoints maybe this gets bumped priority-wise.

noahtalerman commented 2 months ago

Noah: If we're not hearing about this from customers and it's not a supported operating system in the docs (now a guide) then I think we can wait.

iansltx commented 2 months ago

Yep; we can icebox this as we don't mention either of these directly: https://fleetdm.com/guides/vulnerability-processing