modSIC is an acronym for Modulo Open Distributed SCAP Infrastructure Collector, a project by Modulo Security, LLC to develop an open-source collection and assessment service for technology assets based on the open SCAP (Security Content Automation Protocol) standard.
The project aims at providing an infrastructure for assessing IT assets, currently implemented as a component of the Modulo Risk Manager solution. The platform can be used to collect data based on a custom model or based on public knowledge databases using OVAL, an open and interoperable standard.
modSIC uses OVAL as a data source for evaluating vulnerabilities, configurations, and patch-related issues in IT assets. It verifies certain technology resources that are part of an infrastructure, through the network, without requiring agents installed in each machine on which the collection will be performed (agentless).The results of this query is also formatted in the OVAL standard (OVAL Results or OVAL System Characteristics), where users or the application that performed the query will be able to check if their IT assets are compliant or not with a certain state.
modSIC is open source software released under a 3-clause BSD license.