mailing list archives
Re: Comparison of Network Security Scanners
From: insecure <insecure () ameritech net>
Date: Fri, 02 Jul 2004 09:31:01 -0500
Not only is the test not indenpendent, it is extremely out of date (more
than a year old). Several of the programs in the comparison have had
major updates since then, while the "winner" of this comparison has not.
This could easily have a significant effect on the outcome of a similar
comparison, if done today. Also, cost effectiveness of the product would
have to be a major consideration in any real-world comparison, yet is
These kinds of comparisons are always of questionable value. What is
best in one environment may not work at all in another. For most small
to medium sized organizations, the costly commercial alternatives would
not provide a significant benefit over the low-cost or free systems such
as nessus and LanGuard (3.3 is free for scanning unlimited IP's, it only
costs if you want software/patch deployment and custom reporting).
Certainly, this test is not independent. However, methodology of the
tests is completely described, and everyone can check up them. I did not
see any other similar tests comparing various vulnerability scanners.
Full-Disclosure - We believe in it.