Educause Security Discussion
mailing list archives
Re: Vulnerability Scanner Recommendations
From: Kevin Halgren <kevin.halgren () WASHBURN EDU>
Date: Fri, 16 Nov 2012 16:40:31 -0600
Personally I love our Nessus system, but I don't have experience with
other commercial products.
OpenVAS is free and open-source and it's OK, though it's not as easy to
use and requires more customization to be useful. Nessus gives better
results in my opinion. It's interesting to scan the same system with
each and see the difference in results.
In any case, these are just tools. You still have to be able to
assess and validate the results these systems give you. They help find
a number of issues, but there are always some false-positives or
differences in judgement regarding how significant an issue is. For
example, I consider a Denial-of-Service vulnerability on most systems to
be a medium-risk issue; we'll fix it at the next good opportunity or
scheduled update cycle. Potential information exposure, on the other
hand, is high-risk and requires a more urgent response. Network
security scanners may prioritize such vulnerabilities differently from
what I would. It doesn't mean they're wrong, it's just a difference in
judgement based on our environment.
On 11/15/2012 10:21 AM, Greg Schmalhofer wrote:
Educause security group,
Can anyone recommend a particular vulnerability scanner software,
product, appliance, or service that you are using at your campus? This
is a need at our campus and I am trying to review the different
options available for a small campus. Thanks for any help, insight, or
feedback you can provide.
Information Security Coordinator
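One way to act on the point Kevin makes above, that scanner output has to be validated and re-prioritized against local judgement (DoS rated medium, information exposure rated high), is to run the raw findings through a small local policy layer before they reach the ticket queue. The script below is an added example written for this archive page; it is not code from the list post, from Nessus or from OpenVAS. The CSV columns, the keyword-based policy and the sample findings are all constructed for illustration and do not match any real scanner's export schema.

```python
"""Re-rate scanner findings against a local risk policy.

Added example, not from the mailing list post or any scanner vendor.
The CSV layout is a constructed, simplified stand-in for a scanner
export (assumed columns, not a real Nessus/OpenVAS schema).
"""
import csv
import io
from dataclasses import dataclass

# Constructed sample export: host, finding name, scanner severity, CVSS, text.
SAMPLE_EXPORT = """\
host,name,scanner_severity,cvss,description
10.0.0.5,HTTP TRACE method enabled,Medium,5.0,Server responds to TRACE requests
10.0.0.5,SSH service denial of service,High,7.8,A remote client can crash the daemon
10.0.0.7,Web server directory listing,Low,2.6,Directory contents are exposed
10.0.0.7,SSL certificate expired,Medium,5.0,Certificate expired 2012-10-01
10.0.0.9,Database listener information disclosure,Medium,5.0,Version banner exposed
"""

# Local policy (assumed for this example): (category, keywords, local severity).
# Order matters; the first category whose keywords match wins. Information
# exposure is deliberately listed first so it outranks a DoS classification.
POLICY = [
    ("info-exposure", ("disclosure", "exposed", "listing", "information"), "High"),
    ("denial-of-service", ("denial of service", "crash"), "Medium"),
]


@dataclass
class Finding:
    host: str
    name: str
    scanner_severity: str   # severity as reported by the scanner
    cvss: float
    category: str           # local policy category, or "uncategorized"
    local_severity: str     # severity after applying the local policy
    validate: bool          # True when local and scanner ratings disagree


def classify(name, description):
    """Return (category, local severity) or ("uncategorized", None)."""
    text = f"{name} {description}".lower()
    for category, keywords, severity in POLICY:
        if any(keyword in text for keyword in keywords):
            return category, severity
    return "uncategorized", None


def rerate(export_text):
    """Parse a scanner CSV export and apply the local policy to each row."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        category, local = classify(row["name"], row["description"])
        if local is None:
            # No policy rule applies: keep the scanner's own rating.
            local = row["scanner_severity"]
        findings.append(Finding(
            host=row["host"],
            name=row["name"],
            scanner_severity=row["scanner_severity"],
            cvss=float(row["cvss"]),
            category=category,
            local_severity=local,
            validate=(local != row["scanner_severity"]),
        ))
    return findings


def summarize(findings):
    """Count findings by local severity, e.g. {"High": 2, "Medium": 3}."""
    counts = {}
    for finding in findings:
        counts[finding.local_severity] = counts.get(finding.local_severity, 0) + 1
    return counts


if __name__ == "__main__":
    results = rerate(SAMPLE_EXPORT)
    for f in results:
        flag = "REVIEW" if f.validate else "ok"
        print(f"{f.host:10} {f.local_severity:6} ({f.scanner_severity:6} by scanner) "
              f"{f.category:17} {flag:6} {f.name}")
    print(summarize(results))
```

The `validate` flag is the useful output: every finding where the local rating differs from the scanner's is the one a human should look at first, which is exactly the manual assessment step the post describes. Keyword matching is crude and would be replaced in practice by matching on plugin or NVT identifiers, but the shape of the workflow (scanner rating in, local rating out, disagreements queued for review) stays the same.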