. Nessus, http://www.tenable.com/products/nessus. Last visited on, 2011.

. Ovaldi, the OVAL Interpreter Reference Implementation. http://oval. mitre.org/language/interpreter.html. Last visited on, 2011.

P. Ammann, D. Wijesekera, and S. Kaushik, Scalable, graph-based network vulnerability analysis, Proceedings of the 9th ACM conference on Computer and communications security , CCS '02, p.217, 2002.
DOI : 10.1145/586110.586140

J. Banghart and C. Johnson, The Technical Specification for the Security Content Automation Protocol (SCAP) NIST Special Publication, 2009.

M. Barrère, R. Badonnel, and O. Festor, Supporting Vulnerability Awareness in Autonomic Networks and Systems with OVAL, Proceeding of the 7th IEEE International Conference on Network and Service Management (CNSM'11), 2011.

M. Barrère, G. Betarte, and M. Rodríguez, Towards machine-assisted formal procedures for the collection of digital evidence, 2011 Ninth Annual International Conference on Privacy, Security and Trust, pp.32-35, 2011.
DOI : 10.1109/PST.2011.5971960

M. Burgess, M. Disney, and R. Stadler, Network Patterns in Cfengine and Scalable Data Aggregation, Proceedings of the 21st conference on Large Installation System Administration Conference, pp.1-22, 2007.

M. Chiarini and A. Couch, Dynamic Dependencies and Performance Improvement, Proceedings of the 22nd conference on Large Installation System Administration Conference, pp.9-21, 2008.

Y. Diao, A. Keller, S. Parekh, and V. V. Marinov, Predicting Labor Cost through IT Management Complexity Metrics, 2007 10th IFIP/IEEE International Symposium on Integrated Network Management, pp.274-283, 2007.
DOI : 10.1109/INM.2007.374792

P. Foreman, Vulnerability Management, 2010.
DOI : 10.1201/9781439801512

J. O. Kephart and D. M. Chess, The vision of autonomic computing, Computer, vol.36, issue.1, pp.41-50, 2003.
DOI : 10.1109/MC.2003.1160055

X. Ou, W. F. Boyer, and M. A. Mcqueen, A scalable approach to attack graph generation, Proceedings of the 13th ACM conference on Computer and communications security , CCS '06, pp.336-345, 2006.
DOI : 10.1145/1180405.1180446

N. K. Pandey, S. K. Gupta, S. Leekha, and J. Zhou, ACML: Capability Based Attack Modeling Language, 2008 The Fourth International Conference on Information Assurance and Security, pp.147-154, 2008.
DOI : 10.1109/IAS.2008.26

S. J. Templeton and K. Levitt, A requires/provides model for computer attacks, Proceedings of the 2000 workshop on New security paradigms , NSPW '00, pp.31-38, 2000.
DOI : 10.1145/366173.366187

J. A. Wang and M. Guo, OVM, Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research Cyber Security and Information Intelligence Challenges and Strategies, CSIIRW '09, pp.1-34, 2009.
DOI : 10.1145/1558607.1558646

G. Zhang, S. Ehlert, T. Magedanz, and D. Sisalem, Denial of service attack and prevention on SIP VoIP infrastructures using DNS flooding, Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, IPTComm '07, pp.57-66, 2007.
DOI : 10.1145/1326304.1326314

N. Ziring and D. Waltermire, Specification for the Extensible Configuration Checklist Description Format (XCCDF) http://scap.nist.gov/ specifications, 2011.