CPE in Use — Archive

CPE is a standardized way for enterprises to describe and identify classes of applications, operating systems, and hardware. CPE also helps in Making Security Measurable.

Government

CPE Dictionary

Provided in XML format and available to the general public, the current official version of the CPE Dictionary is maintained by the U.S. National Institute of Standards and Technology (NIST) and provides an agreed-upon list of official CPE names.

Security Content Automation Protocol (SCAP)

CPE is one of ten existing standards the National Institute of Standards and Technology’s (NIST) SCAP to enable automated vulnerability management, measurement, and policy compliance evaluation.

Community

Tools Including CPE (SCAP-Validated)

Arellia, Inc.’s Security Analysis Solution
BigFix, Inc.’s Security Configuration and Vulnerability Management Pack
BMC Software, Inc.’s BMC Automation Server and BMC BladeLogic Client Automation
CA Technologies’s CA IT Client Manager
Center for Internet Security’s CIS - Configuration Audit Tool
Core Security Technologies’s Core IMPACT Professional
Digital Defense, Inc.’s Frontline Vulnerability Manager
Dell, Inc.’s Dell KACE K1000 System Management Appliance
eEye Digital Security’s Retina
Greenbone Networks GmbH’s Greenbone Security Manager
Hewlett-Packard Development Company, L.P.’s SCAP Scanner
Lumension Security, Inc.’s Patchlink Security Configuration Management for Patchlink Update and PatchLink Security Configuration Management for PatchLink Scan
McAfee, Inc.’s Policy Auditor and Vulnerability Manager
Microsoft Corporation’s System Center Configuration Manager Extensions for SCAP
nCircle Network Security, Inc.’s IP 360 and Configuration Compliance Manager
NetIQ Corporation’s NetIQ Secure Configuration Manager
Prism Microsystems, Inc. ’s EventTracker Enterprise
Qualys, Inc.’s QualysGuard FDCC Scanner
Rapid7 LLC’s Nexpose
SAINT Corporation’s Vulnerability Scanner
SignaCert Inc.’s Enterprise Trust Server
SPAWAR Systems Center Atlantic’s SCAP Compliance Checker
Symantec Corporation’s Control Compliance Suite and Symantec Risk Automation Suite
Telos Corporation’s Xacta IA Manager (Xacta HostInfo) and Xacta IA Manager Continuous Assessment
ThreatGuard, Inc.’s Secutor Magnus with ThreatView, Secutor Prime, and S-CAT
Tripwire, Inc.’s Tripwire Enterprise
Triumfant, Inc.’s Resolution Manager
VMware, Inc.’s Shavlik Security Suite: NetChk Configure, Shavlik Security Suite: NetChk Protect, VMware vCenter Protect Essentials Government Edition (with SCAP Processor), and VMware vCenter Configuration Manager

CPE in Use

Participate