Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Comparison of Network Security Scanners
From: insecure <insecure () ameritech net>
Date: Fri, 02 Jul 2004 09:31:01 -0500

Not only is the test not indenpendent, it is extremely out of date (more than a year old). Several of the programs in the comparison have had major updates since then, while the "winner" of this comparison has not. This could easily have a significant effect on the outcome of a similar comparison, if done today. Also, cost effectiveness of the product would have to be a major consideration in any real-world comparison, yet is totally overlooked.

These kinds of comparisons are always of questionable value. What is best in one environment may not work at all in another. For most small to medium sized organizations, the costly commercial alternatives would not provide a significant benefit over the low-cost or free systems such as nessus and LanGuard (3.3 is free for scanning unlimited IP's, it only costs if you want software/patch deployment and custom reporting).


Alexander wrote:


Certainly, this test is not independent. However, methodology of the
tests is completely described, and everyone can check up them. I did not
see any other similar tests comparing various vulnerability scanners.

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]