SAINT 7.9 Product Release

From Saint Newletter:

Key New Features in SAINT 7.9

Vulnerability Scanner

Microsoft Patch Tuesday scan policy – This scan policy checks for the latest published Microsoft Patch Tuesday vulnerabilities (2nd Tuesday of each month)

New Vulnerability Check Type Coverage now includes –

Blind SQL injection

Flash application

  • Flash application allows object access from all domains
  • Flash application contains database connection string
  • Flash application debugging output
  • Flash application FlashVars cross-site scripting
  • Flash application cross-site scripting via GET request to javascript
  • Flash application LocalConnection cross-site scripting
  • Flash application contains MD5 hash
  • Flash application contains SHA-0 or SHA-1 hash
  • Flash application text field cross-site scripting

PCI Special Notes for the PCI Executive report format (Part 3b) can be customized

Multitasking improvements –

  • Increased scanning threads from 10 to 20
  • Compute optimal number of concurrent processes in every iteration
  • New formula uses more granular CPU speed benchmark and takes process size and available swap space into account

Check Login button – Instantly reports whether the provided Windows authentication credentials are correct

Improved host type fingerprinting – Uses Nmap in conjunction with full port scan for the best possible fingerprint

Nmap Progress bar – Displays Nmap progress in the control panel during long Nmap runs

Ability to simultaneously select/deselect all scheduled scans (including scans set up as part of a scan window) on the scan schedule page that are related to the same scan

Custom email “display name” for email alerts of scans

Run local Unix/Linux/Mac checks using successfully guessed SSH login/password pairs

Penetration Testing

Mac Camera Image Capture Exploit Tool – This tool attempts to retrieve an image file captured by an iSight camera such as the one built into a MacBook.  If it is successful, the picture is displayed. Mac camera exploit

Mac OS support in Download Connection exploit tool

Phishing improvements –

  • Ability to automatically replicate a real site
  • Ability to customize the message which is displayed after form submission

Easier, more intuitive exploit setup – Mouse over any input option on the exploit setup form to see hints.


Load-balanced Discovery – Added support for the discovery portion of load balanced scans to also be load balanced.


Added support for file behaviors

Added OVAL detail report that provides the following details –

  • Why a vulnerability was found
  • Why a patch was not found
  • Why a configuration check was not compliant
  • List of non-evaluated and erroneous definitions
  • List of definitions found not to be vulnerable, or being compliant

Added an OVAL definition detail viewer that allows users to see what checks will be run for the selected definition file, also provides details as to what each definition checks for on the target system

Added support for two more OVAL Operations (XOR, ONE, AND, OR are all now supported)

Added support for CPE-OVAL and CPE-DICTIONARY files contained in scap-data-streams (e.g., Vista system no longer scanned by XP benchmark)

ZIP files containing multiple data-streams can now be imported (e.g., USGCB-Win7)

Added XCCDF multi-target summary reports

Added new easier to use more organized XCCDF/OVAL results view page

Removed duplicates in system_characteristics output and added some other disk space saving features

Added OVAL multi-target report that provides below information –

  • ratio of hosts with no vulnerabilities to the number of hosts and the non-vulnerable host list
  • definitions with vulnerabilities and the hosts list who have these definitions
  • ratio of 100% compliant hosts to the number of hosts and which hosts they are
  • definitions with non-compliance and the host list who have these definitions
  • only 3 defintion classes are considered: compliance, vulverability, and patch


Phishing Assessment Report improvements (View sample report) –

  • state what the parameters of the phishing test were
  • a pie chart that shows the total number of addresses targeted with the test and the number of addresses that executed on the phishing attempt.
  • details show who was targeted and identify which one is executed (PASS/FAIL).
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.