Network Security: Detailed info on Re: Re: Vulnerability Assessment

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Security-Basics

[Top] [All Lists]

Re: Re: Vulnerability Assessment

from [mkburns] Network Security

[Permanent Link]

Subject:	Re: Re: Vulnerability Assessment
Date:	23 Jul 2007 20:51:55 -0000

Personally I have issues with the Qualys solution as it requires that your 
vulnerability information be stored offsite at Qualys. Which even if your happy 
someone else having access to this information, what happend if your Internet 
connectivity is bought down during an attack?

In regards to Foundstone, as a scanner it is fine, however from a scalability 
point of view it is not very flexible, with each scanner requiring a full copy 
of Windows 2003 Server, IIS and SQL - if you deploy multiple scanners and want 
to centrally collate your results then you need to use and export/import 
utility. 

If you purely want a scanner stick with Nessus.

If you want a vulnerability management system, whereby you can centrally 
collate you results, track the remediation of vulnerabilities, fine grain 
reporting and the flexibility to install the scanner on Windows platform then I 
would recommend eEye Retina and REM Console.

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Vulnerability Assessment, Mondai Ji Re: Vulnerability Assessment, Colin Grady RE: Vulnerability Assessment, Gibbs, Jason Re: Vulnerability Assessment, Danux Re: Vulnerability Assessment, Kish Pent Re: Re: Vulnerability Assessment, mkburns <= RE: Re: Vulnerability Assessment, Gibbs, Jason Administrators & Power Users, Tinu Koshy (CISD) Re: Administrators & Power Users, Kurt Buff RE: Administrators & Power Users, Weir, Jason Re: Re: Vulnerability Assessment, Michael Graham Re: Vulnerability Assessment, Deepak Parashar Re: Vulnerability Assessment, jfvanmeter Re: Vulnerability Assessment, Pete Herzog Re: Vulnerability Assessment, holger . reichert Re: Vulnerability Assessment, Uzair Hashmi

Previous by Date:	Re: New Spam Technique, Micheal Espinola Jr
Next by Date:	Re: Vulnerability Assessment, Deepak Parashar
Previous by Thread:	Re: Vulnerability Assessment, Kish Pent
Next by Thread:	RE: Re: Vulnerability Assessment, Gibbs, Jason
Indexes:	[Date] [Thread] [Top] [All Lists]