I've been using Mantis (which is actually a software bug-tracking system) to
track all the security issues, and it's been working out very well. URL is
http://www.mantisbugtracker.com/
On 4/13/07, xelerated <xelerated@gmail.com> wrote:
I have a question for the pen test community.
Does anyone have a free (OSS or other) way to take your vuln scan data
(nessus in this case)
and do tracking and remediation?
As it sits now, I scan at work atleast 300 machines a month, and my
monthly list is growing, and will soon include subnets as well.
I used to take the pipe delimited format and run it through excel and
work with it from there.
and that worked fine back when I was only scanning 200 a month max but
its become extremely cumbersome.
Also, if there is no such good tool out there, im no coder, but if
others out there would like to work on such a project id like to do
that too.
Thanks!
Kevin Reiter
Senior Security Engineer
Financial Services, Inc.
21 Harristown Road
Glen Rock, New Jersey 07452
(201)652-6000, ext. 588
PGP ID: 0xEE665233
This message may contain confidential or proprietary information and is
intended solely for the individual(s) to whom it is addressed. If you are not
a named addressee you should not disseminate, distribute or copy this e-mail or
act upon the information contained herein. Please notify the sender
immediately by e-mail if you have received this e-mail by mistake and delete
this e-mail from your system.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
