[Full-disclosure] Vuln scanner software choices
mparks at pioneer-credit.com
Fri Nov 11 14:00:58 GMT 2005
Secure Enterprise mag did a review of 7 different
"vulnerability-management suites" (as they called them) in Dec. 2004.
Take it for what it's worth, but notice that ISS was not included.
Perhaps the review offered by Mr. Schmehl is all you need.
From: full-disclosure-bounces at lists.grok.org.uk
[mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of Paul
Sent: Thursday, November 10, 2005 4:58 PM
To: full-disclosure at lists.grok.org.uk
Subject: Re: [Full-disclosure] Vuln scanner software choices
--On Thursday, November 10, 2005 12:32:27 -0700 Tblinux
<TBLinux at covad.net>
> I know that most if not all of you use or have used Nessus at some
> I've been following the thread. Now that it appears that Nessus is
> seriously ratcheting down support for independent consultants and
> corporate / gov't users without a registered and paid for license what
> scanning software are you considering? Has anyone done a *complete*
> comparison of all of the scanning software out there and made a choice
> based on the findings? If so what was it?
There's bound to be a comparison somewhere. All I can tell you, from
personal experience, is avoid ISS like the plague it is.
Paul Schmehl (pauls at utdallas.edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
This message contains confidential information intended only for the individual named. If you are not the addressee, do not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this by mistake and delete it from your system. E-mail cannot guarantee secure, error-free transmission as information can be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise because of e-mail transmission. If verification is required, please request a hard-copy version. When working with third parties, e-mail cannot be used in lieu of signed paper documents to represent approvals of, authority for or acknowledgements of company transactions. Any views or opinions presented in this email are solely those of the author and do not necessarily represent those of Pioneer Credit Recovery, Inc. 26 Edward St. Arcade, NY 14009 http://www.pioneer-credit.com/
Full-Disclosure is hosted and sponsored by Secunia.