Arctic Wolf Risk Scan EngineUpdated Feb 22, 2024
Arctic Wolf Risk Scan Engine (formerly Joval) is a robust implementation of the Security Content Automation Protocol (SCAP) family of specifications and contains various licensable components, to meet various needs.
Risk Scan Engine consists of these licensable components:
- Joval SDK — A Software Development Kit (SDK) related to performing host-based and agent scans.
- Remote Management SDK — An SDK related to performing authenticated remote scanning of devices.
- Discovery SDK — An SDK related to performing unauthenticated scanning of network devices.
- Joval Utilities — A JAR file capable of performing host-based, remote, discovery and offline scans and generating reports.
- Joval .NET — A host-based scanner binary for Windows.
- Joval SCAP 1.3 Validated Module — Enables the Joval SCAP 1.3 validated module. This module allows customers to claim that they use a SCAP 1.3 validated scanner in their product and applies a verification statement on reports, indicating they were generated from a SCAP 1.3 Program Validated module.
Through the use of plug-ins, Risk Scan Engine supports these scanning types:
- Host-based — Scans the machine that is running Risk Scan Engine.
- Remote — Scans a machine over the network using an authenticated SSH or Windows Remote Management connection.
- Discovery — Scans devices over the network using unauthenticated protocol handshakes.
- Agent — Scans a remote machine over the network, using the agent protocol as defined in the Joval SDK.
- Offline — Scans Docker images and router configuration files.