Lisa,
I've used Rapid 7's NeXpose pretty heavily for the past year. Overall
it's been a good run, but there have been plenty of mixed feelings.
Stability wise it comes and goes. At first we ran into some major bugs
running it on Windows with it running out of memory (we only had 1GB).
We upgraded the box to 2GB and switched it to Linux, then ran into
others issues including inconsistent documentation and minor issues
getting it to play nice with our installed JRE. The customer support was
extremely helpful and knowledgeable though.
Performance wise it's pretty quick and fairly thorough. They're
constantly adding new signatures however the default profiles for
scanning are lax, so you'll want to customize your own so you don't miss
anything. Reporting is where it really shines. While we've run into some
PDF rendering bugs they've been fixed (though slowly), leaving some of
the best prepared reports I've ever seen an automated tool pump out.
They did just have a major release, 4.5, which has been a mixed bag.
Along with better performance and features, it was primarily bug fixes
which was kind of disappointing. Then again it was a free upgrade for
current customers, so one really can't complain. A few new show stopping
bugs have cropped up however which I hope are fixed quickly. For example
if I use our former default scan profile (customized to be very
thorough) the scan will hang and eventually error out, meaning I have to
rely on their less than spectacular defaults. There are also some issues
dealing with Firefox that I've seen crash FF and even lock up the PC
(trying to load 1, 2, 3...65,535 into a single text box).
Beyond that the biggest sore point is the price. Be prepared to pay well
beyond that $30,000 mark for a full setup, support contract, etc.
I'd recommend it though hesitantly. They need to either squash the bugs
and put new versions through more testing or drastically reduce the
price as is. If you can live through the bugs though and manage the
cost, at the end of the day NeXpose will provide very thorough and
extremely attractive reports.
On Mon, 2007-04-30 at 11:16 -0400, Lisa L Cooper wrote:
I'm new to the list so please bare with me. I would however like some advice
on the following issue. An audit request has prompted us to investigate
network pen testing. We are looking at the following options.
1. Outside vendors such as Network Armor, and Rapid 7. Have any of you used
these and if so, which one, and were you satisfied?
2. We have Nessus, but as I'm sure you guys know the reporting is awful. Do
any of you know if anyone has written a good program to help out with this
situation?
Lisa L. Cooper, lisa.cooper@louisville.edu
University of Louisville
Information Technology
Enterprise Network Security
Miller IT Bldg, Room 109
Louisville, KY 40292
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
signature.asc
Description: This is a digitally signed message part
