Security Basics mailing list archives
Re: Justifying the spend on a vulnerability scanner
From: "David Vertie" <verticalrave () hotmail com>
Date: Thu, 13 Mar 2003 04:47:01 +0000
With all regard to the last post, I don't know if what you're looking for is actually just the scanner. I think it might be a combination of scanner, IDS, company policy, multiple firewalls, virus scanners and filtering rules.

I don't know how you could express your idea to your management that you need this/that tool, but it should be done. I recommended before to somebody that they use a 'this happened to these companies before, so what you should do is this', sort of like a history lesson.
From: "Pierre A. Cadieux" <hobbit () theshire com>
To: jamesmcgeeiom () onetel net uk, security-basics () securityfocus com
Subject: Re: Justifying the spend on a vulnerability scanner
Date: Tue, 11 Mar 2003 08:03:28 -0800

In some respects it depends on the type of business/computer network you are protecting. You can get low/no cost scanners (NMAP, etc.) that will tell you ports are open, and you can then do the leg work to verify that the services should be running, and are patched etc.

In large commercial environments, where there are regulatory requirements or specific security standards/goals, the need for proactive scanning definitely exists as part of your audit strategy. In general I have seen engineering companies, healthcare companies, insurance companies, and financial companies easily explain this cost since they are required to have this level of security.

Don't forget getting the scanner will be great, but you will need to agree on when it should be used (some scans MAY interfere with production services), how often you should scan, where to scan from, and the best part will be getting the people that maintain the boxes to react quickly to any critical exposures.

Without the proactive auditing that a vulnerability scanner provides you (depending on the size of your network) there could be a number of critical exposures or systems with intrusions that you don't know about.

I also would suggest some type of IDS strategy.. but that is another topic.

Regards,
->Pierre Cadieux

At 04:31 PM 3/10/2003 +0000, JM wrote:

As the subject says, this is what I have got to do. I could dream up loads of examples of; if we don't detect a Code Red virus and we get it, then it will knock out our webservers and others until we fix it. If we have open null shares on the network, and unrestricted access to remote registries, people can do what they want.......

But does anyone have any thoughts to share on how I can successfully convince my management that the spend on a vulnerability scanner is worthwhile? Thanks in advance JM
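The "leg work" Pierre describes (a low-cost scanner tells you which ports are open; you then check whether those services are supposed to be running) is mostly a comparison against an approved-services baseline. The following is an added example, not code from anyone in this thread: it parses nmap's grepable (-oG) output and reports open ports that the baseline does not approve, so the people who maintain the boxes get a short list of critical exposures instead of a raw port dump. The scan output, host names and baseline are all constructed for the example.

```python
import re
from typing import Dict, List, Set, Tuple

# Constructed sample in nmap grepable (-oG) format; NOT real scan output.
SAMPLE_GREPABLE = """\
# Nmap scan initiated (constructed sample)
Host: 10.0.0.5 (web01)\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/open/tcp//https///\tIgnored State: closed (997)
Host: 10.0.0.9 (fs01)\tPorts: 139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///, 3389/open/tcp//ms-wbt-server///\tIgnored State: closed (997)
Host: 10.0.0.23 ()\tPorts: 23/open/tcp//telnet///, 135/filtered/tcp//msrpc///\tIgnored State: closed (998)
# Nmap done (constructed sample)
"""

# Approved-services baseline (constructed): what each host is SUPPOSED to expose.
# A host missing from the baseline has no approved services at all.
BASELINE: Dict[str, Set[Tuple[int, str]]] = {
    "10.0.0.5": {(22, "tcp"), (80, "tcp"), (443, "tcp")},
    "10.0.0.9": {(445, "tcp")},
}

# One -oG port entry looks like: port/state/proto/owner/service/rpc/version/
PORT_RE = re.compile(r"(\d+)/(\w+)/(\w+)//([^/]*)///")


def parse_grepable(text: str) -> Dict[str, Set[Tuple[int, str]]]:
    """Return {host: {(port, proto), ...}} for every port nmap reports as open."""
    open_ports: Dict[str, Set[Tuple[int, str]]] = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # skip the "# Nmap ..." banner lines
        host = line.split()[1]
        fields = line.split("\t")
        ports_field = next((f for f in fields if f.startswith("Ports:")), "")
        found = set()
        for port, state, proto, _service in PORT_RE.findall(ports_field):
            if state == "open":  # filtered/closed ports are not exposures
                found.add((int(port), proto))
        open_ports[host] = found
    return open_ports


def unexpected_exposures(text: str, baseline: Dict[str, Set[Tuple[int, str]]]
                         ) -> Dict[str, List[Tuple[int, str]]]:
    """Open ports the baseline does not approve, keyed by host (hosts with none are omitted)."""
    report: Dict[str, List[Tuple[int, str]]] = {}
    for host, ports in parse_grepable(text).items():
        extra = sorted(ports - baseline.get(host, set()))
        if extra:
            report[host] = extra
    return report


if __name__ == "__main__":
    for host, ports in unexpected_exposures(SAMPLE_GREPABLE, BASELINE).items():
        print(host, "unapproved open ports:", ports)
```

In the constructed sample, web01 matches its baseline, fs01 exposes NetBIOS and RDP beyond the approved SMB port, and the unlisted host shows telnet open (the filtered msrpc port is not reported).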
