RE: opinions on Vigliante's SecureScanNX for attack/pen work?

["Sacha Faust" <sacha () severus org>]

I had to review Vigilante SecurescanNX recently for our Information Security
practice.
The product is very good and allows consulting firms (work for one of the
big 5) to more flexible then before.
Clients don't want to pay top $ for on site staff and we had to look at
different distributed solutions. I took a look at Distributed Cybercop but I
quickly stop. It is a  good product but to intrusive and not suited at all
for the type of work we were looking into (and the sale service we received
was horrible I might add). Distributed Cybercop is very intrusive and is
more suited for big corporation that already have a McAffee antivirus
management with ePolicy Server.

On the other hand, SecureScanNX is very flexible and allows to manage agents
remotly without changing to much on the client infrastructure. Since the
agent is issuing a connection to the management console, it can very easily
installed in a remote network and consultants can management the agent
remotly. This allow us to do the job remotly without changeing firewall
config to allow inbound traffic. Distributed cybercop doesn't allow people
to do this.This saves a lot of the "on site" charges to the client and it
allow us to the automated security check phases of our service very quickly.
The technical report generated looks a lot like the Nessus report but some
added features and content. There is also a lot of different report format
suited for other departments.

It's a good product.


-----Original Message-----
From: Dented Halo [mailto:dentedhalo () hushmail com]
Sent: Monday, November 26, 2001 6:21 PM
To: pen-test () securityfocus com
Subject: opinions on Vigliante's SecureScanNX for attack/pen work?


Mailer: SecurityFocus

Our firm is looking at adopting SecureScanNX in
favour of Cybercop. One of the reasons being
SecureScan can be used in a distributed fashion.
Cybercop now has that ability but their licensing
doesn't allow it to be used in a consulting manner.

So other than SecureScanNX, what other attack/pen
type applications are out there that work in a
distrubted fashion? Ie Client/server role, nessus
being a perfect example. Server with all the scripts
and modules runs on a linux host, and users can
connect to it via a nessus client on either a
win9x/NT/2k or various linux distro's.

Only prob is finding info right now on SecureScanNX,
no one seems ot be talking about it or much info,
even google.com only brings up but a single page of
hits. Interesting indeed...

Thanks for any insights.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/





----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/