MulVAL: A logic-based enterprise network security analyzer

MulVAL stands for "Multi-host, multi-stage Vulnerability Analysis Language". It is a research tool for security practitioners and system administrators to better manage the configuration of an enterprise network such that the security risks are appropriately controlled. Our goal is to design technologies for building a security knowledge base which can be utilized by various automated tools to enhance the quality and reduce the costs of enterprise network security management.

Project Page | Instructions | License

Current Stable Version: MulVAL v1.1

Release Notes:
  • MulVAL v1.1 was released on Jan 30, 2012. This release improved efficiency of translating OVAL output to MulVAL input
  • MulVAL v1.0 was released on Dec 4, 2011
Major Contributors Acknowledgment:
The materials presented in this web page are based upon work partially supported by the National Science Foundation under Grant No. 0716665, 0954138, and 1018703, by Air Force Office of Scientific Research under award No. FA9550-09-1-0138, and by HP Labs Innovation Research Program. Any opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the sponsors.