IVIL : An XML schema to exchange vulnerability information
Last Friday I had the pleasure of discussing security software with Zate, the author of the Nessus Bridge for the Metasploit framework. During the conversions we both agreed that it would be very practical if there was a way to make various security tools interchange vulnerability information more easily and openly. During this discussion IVIL was born, the Intermediary Vulnerability Information Language.
IVIL is an XML schema to feed vulnerability information that is the output of a tool like e.g. Nessus, Nikto or OpenVAS into a tool to further use this information like e.g. Seccubus.
We felt that there is a need for an open, non-proprietary language that is lean and mean even though a lot of tools offer a native XML output because such a solution has a number of advantages.
- Not need to modify the receiving tool. Having an intermediary language means that a new tool can be integrated into an existing tool without the need to make modification to the tool receiving the information.
- Support for home brew tools. The open format makes it possible to integrate home brew tools with other tools without the need for the original author to put effort into supporting a tool “nobody uses”.
- Programming language independent. There is no need for anybody that want to integrate two tools be master the programming languages these tools where written in.
We felt we needed to share this work on IVIL to get the widest possible basis for adoption.
During our initial call we came up with this initial version of the XML schema: