Arctic Wolf Risk Scan Engine

Arctic Wolf Risk Scan Engine (formerly Joval) is a robust implementation of the Security Content Automation Protocol (SCAP) family of specifications and contains various licensable components, depending on your needs.

Risk Scan Engine consists of these licensable components:

• Joval SDK — A Software Development Kit (SDK) related to performing host-based and agent scans.
• Remote Management SDK — An SDK related to performing authenticated remote scanning of devices.
• Discovery SDK — An SDK related to performing unauthenticated scanning of network devices.
• Joval Utilities — A JAR file capable of performing host-based, remote, discovery and offline scans and generating reports.
• Joval .NET — A host-based scanner binary for Windows.
• Joval SCAP 1.3 Validated Module — Enables the Joval SCAP 1.3 validated module. This module allows customers to claim that they use a SCAP 1.3 validated scanner in their product and applies a verification statement on reports, indicating they were generated from a SCAP 1.3 Program Validated module.

Risk Scan Engine scan types

Through the use of plug-ins, Risk Scan Engine supports these scanning types:

• Host-based — Scans the machine that is running Risk Scan Engine.
• Remote — Scans a machine over the network using an authenticated SSH or Windows Remote Management connection.
• Discovery — Scans devices over the network using unauthenticated protocol handshakes.
• Agent — Scans a remote machine over the network, using the agent protocol as defined in the Joval SDK.
• Offline — Scans Docker images and router configuration files.