
| Subject: | Re: Other scanners? |
|---|---|
| Date: | Tue, 22 Aug 2006 13:27:36 -0400 |
At 12:10 PM 8/22/2006, Lee Parkes wrote:

> Hi,
>
> In the course of our work my colleagues and I use Nessus as the primary vulnerability assessment tool. However, in this age of 'risk management' the upper management have decided that we should use at least two distinct scanning tools. Whilst we use Qualys for remote scans, we can't use it on most on-site jobs.
>
> My question is, is there another scanner, free or payware, that people recommend as being of comparable quality to Nessus? The preference is for a tool that isn't based on Nessus so that we have two independent scans.

Hi Lee,

Although I firmly respect anyone's wishes to use two scanners, I would consider the following thoughts:

- You are absolutely right to make sure that the second vendor does not base their scans or data off of Nessus. And even if they don't run the "nessus" engine, you should pick the last 10 or so Bugtraq IDs or CVEs and see when the vendor added them. You may or may not be surprised how often new checks in 3rd party scanners get added once they hit the Nessus registered feed.

- Instead of two scanners, I would really argue to use two or more technologies. Assume for a second that two network scanner technologies are roughly equal. What value does adding credentialed patch auditing add to the mix? When Nessus connects to port 80 and starts doing web analysis, this is a completely different process than when it logs in via a domain or credentials and performs a patch audit.

- If there is a question in the quality of the scans or the accuracy of the results, I would highly recommend that a passive continuous solution like our Passive Vulnerability Scanner be used. Passive network monitoring is real-time and sees everything on the network regardless of port, protocol or client-side firewalls.

Ron Gula, CTO
Tenable Network Security
http://www.nessus.org
http://www.tenablesecurity.com
http://blog.tenablesecurity.com

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
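The two checks Ron's reply recommends, worked through as an added example that is not part of the thread and not code from Tenable or any other vendor: first, the "last 10 or so IDs" feed-lag test for judging whether a second vendor is independent, and second, the per-technology split that shows what a credentialed patch audit adds on top of a network scan. All identifiers, dates and hosts below are constructed placeholders, not real CVEs, feeds or findings.

```python
"""Added example (not from this thread or any vendor): a feed-independence check.

For the most recent identifiers in a reference plugin feed, compute how many
days later (or earlier) a candidate vendor shipped a check for the same
identifier. A near-constant small positive lag across the newest checks is
the "added once it hit the other feed" pattern the reply describes; a mix of
leads, lags and gaps looks more like independent research.
All dates and identifiers below are constructed placeholders.
"""
from datetime import date
from statistics import median

# Constructed: first date each feed shipped a check for a placeholder ID.
REFERENCE_FEED = {
    "EXAMPLE-0001": date(2006, 8, 1),
    "EXAMPLE-0002": date(2006, 8, 3),
    "EXAMPLE-0003": date(2006, 8, 5),
    "EXAMPLE-0004": date(2006, 8, 8),
    "EXAMPLE-0005": date(2006, 8, 10),
    "EXAMPLE-0006": date(2006, 8, 12),
    "EXAMPLE-0007": date(2006, 8, 14),
    "EXAMPLE-0008": date(2006, 8, 16),
    "EXAMPLE-0009": date(2006, 8, 18),
    "EXAMPLE-0010": date(2006, 8, 21),
}

# Constructed candidate feed: mostly two days behind the reference, one
# check shipped earlier, one check never shipped at all.
CANDIDATE_FEED = {
    "EXAMPLE-0001": date(2006, 8, 3),
    "EXAMPLE-0002": date(2006, 8, 2),
    "EXAMPLE-0003": date(2006, 8, 7),
    "EXAMPLE-0004": date(2006, 8, 11),
    "EXAMPLE-0005": date(2006, 8, 12),
    "EXAMPLE-0006": date(2006, 8, 14),
    "EXAMPLE-0007": date(2006, 8, 16),
    "EXAMPLE-0008": date(2006, 8, 18),
    "EXAMPLE-0010": date(2006, 8, 23),
}


def most_recent_ids(feed, n=10):
    """The n identifiers the feed added most recently, newest first."""
    return sorted(feed, key=feed.get, reverse=True)[:n]


def lag_days(reference, candidate, ids):
    """Days the candidate trailed the reference per ID (negative: candidate
    shipped first). IDs the candidate never shipped are skipped here."""
    return {i: (candidate[i] - reference[i]).days for i in ids if i in candidate}


def independence_summary(reference, candidate, n=10, window=3):
    """Summarise how the candidate tracks the reference on its newest n checks."""
    ids = most_recent_ids(reference, n)
    lags = lag_days(reference, candidate, ids)
    values = list(lags.values())
    return {
        "compared": len(lags),
        "missing": [i for i in ids if i not in candidate],
        "median_lag": median(values) if values else None,
        "always_after": bool(values) and all(v > 0 for v in values),
        # Checks that landed 1..window days after the reference did.
        "within_window": sum(1 for v in values if 0 < v <= window),
    }


def coverage_by_technology(network_findings, credentialed_findings):
    """Split (host, id) findings by which technology produced them, to show
    what a second *technology* adds over a second scanner of the same kind."""
    net, cred = set(network_findings), set(credentialed_findings)
    return {"only_network": net - cred, "only_credentialed": cred - net, "both": net & cred}


if __name__ == "__main__":
    print(independence_summary(REFERENCE_FEED, CANDIDATE_FEED))
    # Constructed findings from a network scan and a credentialed patch audit.
    network = [("10.0.0.5", "EXAMPLE-0003"), ("10.0.0.5", "EXAMPLE-0007"),
               ("10.0.0.9", "EXAMPLE-0010")]
    credentialed = [("10.0.0.5", "EXAMPLE-0007"), ("10.0.0.5", "EXAMPLE-0008"),
                    ("10.0.0.9", "EXAMPLE-0010"), ("10.0.0.9", "EXAMPLE-0001")]
    print(coverage_by_technology(network, credentialed))
```

On the constructed data the candidate trails the reference by a median of two days on eight of nine comparable checks, which is the tracking pattern the reply warns about; a genuinely independent feed would show leads as well as lags and a wider spread. The coverage split is what makes the second point concrete: findings only the credentialed audit produced are exactly the value a second technology adds, which a second network scanner of equal quality would not.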