From 91df593566644311faaa357e5262873fe8e28204 Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Thu, 4 Apr 2019 09:51:06 -0400 Subject: [PATCH] Editorial fixes (#798) mostly suggested by app.grammarly.com * articles * brand name fixes * hyphenation * Oxford comma * sorting lists * spelling --- README.md | 43 ++++++++++++++++++++++--------------------- 1 file changed, 22 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index 15169df0..f62e3fab 100644 --- a/README.md +++ b/README.md 
@@ -26,11 +26,11 @@ Twitter: [@vuls_en](https://twitter.com/vuls_en) # Abstract For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden. -To avoid downtime in production environment, it is common for system administrator to choose not to use the automatic update option provided by package manager and to perform update manually. +To avoid downtime in a production environment, it is common for a system administrator to choose not to use the automatic update option provided by the package manager and to perform update manually. This leads to the following problems. -- System administrator will have to constantly watch out for any new vulnerabilities in NVD(National Vulnerability Database) or similar databases. -- It might be impossible for the system administrator to monitor all the software if there are a large number of software installed in server. +- The system administrator will have to constantly watch out for any new vulnerabilities in NVD (National Vulnerability Database) or similar databases. +- It might be impossible for the system administrator to monitor all the software if there are a large number of software packages installed in the server. - It is expensive to perform analysis to determine the servers affected by new vulnerabilities. The possibility of overlooking a server or two during analysis is there. Vuls is a tool created to solve the problems listed above. It has the following characteristics. 
@@ -38,7 +38,7 @@ Vuls is a tool created to solve the problems listed above. It has the following - Informs users of the vulnerabilities that are related to the system. - Informs users of the servers that are affected. - Vulnerability detection is done automatically to prevent any oversight. -- Report is generated on regular basis using CRON or other methods. to manage vulnerability. +- A report is generated on a regular basis using CRON or other methods. to manage vulnerability. ![Vuls-Motivation](img/vuls-motivation.png) 
@@ -50,26 +50,27 @@ Vuls is a tool created to solve the problems listed above. It has the following [Supports major Linux/FreeBSD](https://vuls.io/docs/en/supported-os.html) -- Alpine, Ubuntu, Debian, CentOS, Amazon Linux, RHEL, Oracle Linux, SUSE Enterprise Linux and Raspbian, FreeBSD -- Cloud, on-premise, Docker +- Alpine, Amazon Linux, CentOS, Debian, Oracle Linux, Raspbian, RHEL, SUSE Enterprise Linux, and Ubuntu +- FreeBSD +- Cloud, on-premise, and Docker -## High quality scan +## High-quality scan -Vuls uses Multiple vulnerability databases +Vuls uses multiple vulnerability databases - [NVD](https://nvd.nist.gov/) - [JVN(Japanese)](http://jvndb.jvn.jp/apis/myjvn/) - OVAL - - [RedHat](https://www.redhat.com/security/data/oval/) - [Debian](https://www.debian.org/security/oval/) - - [Ubuntu](https://people.canonical.com/~ubuntu-security/oval/) - - [SUSE](http://ftp.suse.com/pub/projects/security/oval/) - [Oracle Linux](https://linux.oracle.com/security/oval/) + - [RedHat](https://www.redhat.com/security/data/oval/) + - [SUSE](http://ftp.suse.com/pub/projects/security/oval/) + - [Ubuntu](https://people.canonical.com/~ubuntu-security/oval/) - [Alpine-secdb](https://git.alpinelinux.org/cgit/alpine-secdb/) -- [Red Hat Security Advisories](https://access.redhat.com/security/security-updates/) - [Debian Security Bug Tracker](https://security-tracker.debian.org/tracker/) -- Commands(yum, zypper, pkg-audit) +- [Red Hat Security Advisories](https://access.redhat.com/security/security-updates/) +- Commands (yum, zypper, and pkg-audit) - RHSA/ALAS/ELSA/FreeBSD-SA - [Exploit Database](https://www.exploit-db.com/) - [US-CERT](https://www.us-cert.gov/ncas/alerts) 
@@ -82,15 +83,15 @@ Vuls uses Multiple vulnerability databases - Scan without root privilege, no dependencies - Almost no load on the scan target server -- Offline mode scan with no internet access. (Red Hat, CentOS, OracleLinux, Ubuntu, Debian) +- Offline mode scan with no internet access. (CentOS, Debian, Oracle Linux, Red Hat, and Ubuntu) [Fast Root Scan](https://vuls.io/docs/en/architecture-fast-root-scan.html) - Scan with root privilege - Almost no load on the scan target server -- Detect processes affected by update using yum-ps (RedHat, CentOS, Oracle Linux and Amazon Linux) +- Detect processes affected by update using yum-ps (Amazon Linux, CentOS, Oracle Linux, and RedHat) - Detect processes which updated before but not restarting yet using checkrestart of debian-goodies (Debian and Ubuntu) -- Offline mode scan with no internet access. (RedHat, CentOS, OracleLinux, Ubuntu, Debian) +- Offline mode scan with no internet access. (CentOS, Debian, Oracle Linux, Red Hat, and Ubuntu) [Deep Scan](https://vuls.io/docs/en/architecture-deep-scan.html) @@ -105,7 +106,7 @@ Vuls uses Multiple vulnerability databases [Remote Scan](https://vuls.io/docs/en/architecture-remote-scan.html) -- User is required to only setup one machine that is connected to other target servers via SSH +- User is required to only set up one machine that is connected to other target servers via SSH [Local Scan](https://vuls.io/docs/en/architecture-local-scan.html) 
@@ -116,7 +117,7 @@ Vuls uses Multiple vulnerability databases - It is possible to acquire the state of the server by connecting via SSH and executing the command. - Vuls warns when the scan target server was updated the kernel etc. but not restarting it. -## Scan vulnerabilites of non-OS packages +## Scan vulnerabilities of non-OS packages - [Common Platform Enumeration (CPE) based Scan](https://vuls.io/docs/en/usage-scan-non-os-packages.html#how-to-search-cpe-name-by-software-name) - NW equipment, middleware, programming language libraries and framework for vulnerability @@ -128,10 +129,10 @@ Vuls uses Multiple vulnerability databases - Nondestructive testing - Pre-authorization is *NOT* necessary before scanning on AWS - Vuls works well with Continuous Integration since tests can be run every day. This allows you to find vulnerabilities very quickly. -- Auto generation of configuration file template - - Auto detection of servers set using CIDR, generate configuration file template +- Auto-generation of configuration file template + - Auto-detection of servers set using CIDR, generate configuration file template - Email and Slack notification is possible (supports Japanese language) -- Scan result is viewable on accessory software, TUI Viewer on terminal or Web UI ([VulsRepo](https://github.com/usiusi360/vulsrepo)). +- Scan result is viewable on accessory software, TUI Viewer in a terminal or Web UI ([VulsRepo](https://github.com/usiusi360/vulsrepo)). ----
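Review bot: In the hunk at -26,11, the rewritten sentence still ends with "to perform update manually", which is ungrammatical next to the articles added earlier in the same line; "to perform updates manually" would finish the fix. The new "installed in the server" in the second bullet would also read more naturally as "installed on the server".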
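Review bot: In the hunk at -38,7, the replaced bullet keeps the stray full stop in "or other methods. to manage vulnerability", so the line is still a broken sentence after the article fix. Suggest "A report is generated on a regular basis using cron or other methods to manage vulnerabilities", which also writes cron in its usual lowercase form.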
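Review bot: In the hunk at -50,26, the brand-name and spacing fixes are applied unevenly. The OVAL sub-list still links "[RedHat]" while the top-level entry reads "Red Hat Security Advisories", and "[JVN(Japanese)]" keeps the missing space that this same hunk fixes in "Commands (yum, zypper, and pkg-audit)". Suggest "Red Hat" and "JVN (Japanese)" so the list is consistent.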
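Review bot: In the hunk at -82,15, the yum-ps line now ends "(Amazon Linux, CentOS, Oracle Linux, and RedHat)" while both rewritten offline-mode lines use "Red Hat"; use "Red Hat" in all three. The unchanged bullet "Detect processes which updated before but not restarting yet" sits between edited lines and could be fixed in the same pass, for example "Detect processes that were updated but have not been restarted yet".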
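Review bot: The heading fix in the hunk at -116,7 from "vulnerabilites" to "vulnerabilities" also changes the anchor that Markdown renderers such as GitHub derive from the heading text, so any link to the old "#scan-vulnerabilites-of-non-os-packages" fragment stops resolving. Search the docs and site for that fragment before merging. The context line "Vuls warns when the scan target server was updated the kernel etc. but not restarting it." is still ungrammatical and could be corrected in the same change.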
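Review bot: In the hunk at -128,10, the sub-bullet "Auto-detection of servers set using CIDR, generate configuration file template" gains a hyphen but is still a comma splice that joins a noun phrase to an imperative. Something like "Auto-detection of servers specified using CIDR, then generation of a configuration file template" would read cleanly. The last changed line, "viewable on accessory software, TUI Viewer in a terminal or Web UI", would also be clearer with the two viewers set off explicitly, for example "viewable in accessory software: the TUI viewer in a terminal or the Web UI".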