Giving weights to compliance rules
by Sven Vermeulen, post on Thu 26 December 2013Now that we wrote up a few OVAL statements and used those instead of SCE driven checks (where possible), let's finish up and go back to the XCCDF document and see how we can put weights in place.
The CVE (Common Vulnerability Exposure) standard allows for vulnerabilities to be given …