To the list, and to everyone that speaks for
Qualysguard. I personally confirmed the fact that
tier-2 researchers work for their R&D team, from their
Asia-pacific contact, Mr.Howard Buzick.
I used the engine 5.x of Qualysguard, consulting
version.I evaluated Qualys for 30 days, along with
other scanners which include ISS, Foundstone, Retina,
GFI Languard, and Nessus ofcourse ;)
In the end of the exhaustive 7 day exercise, Nessus &
Retina seemed to be fairly good compared to other
scanners. GFI Languard, at best is described to be a
toy scanner. ISS is not really cool either,
Qualysguard was the worst scanner, with "the most less
no of vulns" tracked to date. (around 5300, if i
remember correctly)
If someone wants proof, you can email me in private,
since the evaluation was done as a part of company's
decision to buy a scanner for consulting + in-house
work. Nessus has around 14,500+ plugins roughly
(updated last night)
Strongly recommend Nessus for a scanning option. It
doesn't make too much sense investing by "belief". If
you think you have to buy, why not test it rigorously
before buying to see the proof. After all, as the
saying goes, " THE PROOF OF THE PUDDING IS IN THE
EATING "
Regards
Kish
--- Danux <danuxx@gmail.com> wrote:
Well, Qualys Guard, is one of the most used for
Leader Corporate Enterprises.
When you see a new vulnerability going out to public
(through
Microsoft, BugTrack, so on,)Qualys Guard Team
discover it one week
ago.
And let me tell you something, Historically, mcAfee
is "only-good"
for viruses, but for threats discovery they are not
the best solution.
You should check which kind of companies have McAffe
FoundStone and
which have Qualys Guard( i work on one of the
Financial World Leader
Company who used Qualys in all the WORLD!!!!) i
think its a good
reference.
Hope this help.
On 7/23/07, Colin Grady <colin.grady@gmail.com>
wrote:
Uzair,
Have you looked at Critical Watch
(http://www.criticalwatch.com/)?
Colin
On 6/4/07, Uzair Hashmi <uzair@kse.com.pk> wrote:
Hello list,
I have been evaluating an automated
vulnerability assessment software, have found two of
them better for the organizational needs. I need
your help to select only one out of the two.
1- QualysGuard (http://www.qualys.com)
2- Foundstone Enterprise
(http://www.mcafee.com/us/enterprise/products/vulnerability_management/foundstone_enterprise.html)
Please advice.
Regards,
Uzair
Kishore
Penetration Tester
Smart Security
T.Nagar , Chennai
Phone: 91 98841 80767
____________________________________________________________________________________
Got a little couch potato?
Check out fun summer activities for kids.
http://search.yahoo.com/search?fr=oni_on_mail&p=summer+activities+for+kids&cs=bz
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
