mailing list archives
RE: Vulnerability assesment or scanner Tools
From: "Sheldon Malm" <smalm () ncircle com>
Date: Wed, 31 Oct 2007 11:57:51 -0700
Already replied directly to soul, but I might as well reply to all ...
- If you want a quick and dirty snapshot, nessus is just fine.
- If you want authenticated patch verification for MS Advisories against
Microsoft products, MBSA is just fine.
- If you want to deploy and manage an enterprise system in-house,
nCircle is the choice (all personal bias aside).
- If you want someone else to manage your security data and
infrastructure, you can either go with Qualys or an MSSP (Managed
Security Service Provider).
- There are a ton of MSSP's and most of us in the Vuln Mgmt
space have our technology in use by a number of them under the covers.
This is one man's opinion. I encourage you to look around and get
opinions from others.
Research is good and asking the list is a great first step. :))
Security Research & Development
nCircle Network Security
Check out the VERT daily post
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of josephmurelli () cox net
Sent: Wednesday, October 31, 2007 2:03 PM
To: soul; security-basics () securityfocus com
Subject: Re: Vulnerability assesment or scanner Tools
There are several different types of scanners. The few that I hadd
worked with are Interent System Security (ISS), Harris STAT, RETINA,
NetRecon, and CyberCop. NetRecon was good for Unix and Linux
worstations while the others were good for everything else. Also, if
you use Microsoft Baseline Analyst (MSBA) you will getsome good results
on securing your LAN.
---- soul <soul1273 () yahoo fr> wrote:
we are looking for a vulnerability scanner tool for our environment
(windows 2003 domaine, Windows XP, HP Unix, Linux, Cisco router,
Firewall, IPS). We have also applications like SAP, SWIFT, SUMMIT,
Exchange email server,...
Could someone advice me on this issue.
Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo!