Hi, Does anyone have a recommendation for a patch / vulnerability scanner for off-line systems? I'm interested in running a list of patches needed for installed software. I specifically want something to augment WSUS that covers non-Microsoft products. I think MITRE used to publish a file that could be used with SCAP Scanner, but they no longer publish it. Any suggestions and recommendations would be appreciated.
Microsoft no more provides SCAP content for scanning its products or other products on its platform. You would mostly need to work with a vendor. If it were non-MS system, you could use OpenSCAP for scanning and SCAP content from the respective vendors such as Red Hat and Ubuntu.