The task can be run only if you have an active Kaspersky Industrial CyberSecurity for Node license key with an ICS Audit licensed object.
The Security Audit task is a group or local task that searches for vulnerabilities on devices and assesses the devices' compliance with operating system standards. To perform a Security Audit task, Kaspersky Endpoint Agent uses databases in XML format, either those supplied with the product or custom ones.
To search for vulnerabilities on devices, the application uses rules written in the OVAL language.
OVAL (Open Vulnerability and Assessment Language) is an open language for describing and assessing vulnerabilities.
To assess device security and standards compliance for operating systems, the application uses rule configurations written in the OVAL and XCCDF languages.
XCCDF (Extensible Configuration Checklist Description Format) is an XML-based format for describing checklists of security parameters.
Security Audit rules are divided into classes:
Compliance – these rules check the system configuration settings for compliance with the security policy.
Inventory – these rules check whether the software or hardware specified in the rules is present in the system.
Miscellaneous – these rules contain custom checks.
Patch – these rules check whether the patches specified in the rules are installed on the system.
Vulnerability – these rules check whether the vulnerabilities specified in the rules are present in the system.
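As an added illustration (not Kaspersky code), the following Python script reads an OVAL definitions document and groups its rules by the `class` attribute, which is where OVAL records the five classes listed above; this is a quick way to review a custom database before supplying it to the task. The sample document, its definition IDs and titles are constructed, and it is trimmed to the elements the script reads.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

OVAL_NS = "http://oval.mitre.org/XMLSchema/oval-definitions-5"
# The five values the OVAL schema allows for a definition's class attribute.
OVAL_CLASSES = {"compliance", "inventory", "miscellaneous", "patch", "vulnerability"}

# Constructed sample, trimmed to the elements read below (not a full database).
SAMPLE_OVAL = """<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5">
  <definitions>
    <definition id="oval:example.custom:def:1" version="1" class="vulnerability">
      <metadata><title>Constructed: vulnerable component present</title></metadata>
    </definition>
    <definition id="oval:example.custom:def:2" version="1" class="patch">
      <metadata><title>Constructed: required update installed</title></metadata>
    </definition>
    <definition id="oval:example.custom:def:3" version="2" class="compliance">
      <metadata><title>Constructed: password length policy</title></metadata>
    </definition>
    <definition id="oval:example.custom:def:4" version="1" class="vulnerabilty">
      <metadata><title>Constructed: misspelled class value</title></metadata>
    </definition>
  </definitions>
</oval_definitions>"""


def group_by_class(oval_xml):
    """Return ({class: [(id, title), ...]}, [(id, bad_class), ...])."""
    root = ET.fromstring(oval_xml)
    if root.tag != f"{{{OVAL_NS}}}oval_definitions":
        raise ValueError("root element is not oval_definitions")
    q = lambda name: f"{{{OVAL_NS}}}{name}"  # namespace-qualified tag name
    grouped, invalid = defaultdict(list), []
    for d in root.iterfind(f"{q('definitions')}/{q('definition')}"):
        def_id = d.get("id", "<missing id>")
        title = d.findtext(f"{q('metadata')}/{q('title')}", default="").strip()
        cls = d.get("class")
        if cls in OVAL_CLASSES:
            grouped[cls].append((def_id, title))
        else:
            # Missing or unknown class: the rule cannot be sorted into a class.
            invalid.append((def_id, cls))
    return dict(grouped), invalid


if __name__ == "__main__":
    grouped, invalid = group_by_class(SAMPLE_OVAL)
    for cls in sorted(grouped):
        print(f"{cls}: {len(grouped[cls])} rule(s)")
    for def_id, cls in invalid:
        print(f"invalid class {cls!r} in {def_id}")
```

Definitions returned in the second list have a missing or unrecognized `class` value and should be corrected in the custom database before use.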
The following capabilities are available for managing Security Audit tasks: