Re: Vulnerability scanners

From: Nicolas Gregoire (ngregoireat_private)
Date: Thu Mar 27 2003 - 14:18:53 PST

Next message: Paris Stone: "Re: Vulnerability scanners"

Previous message: Alex Russell: "Re: Vulnerability scanners"
In reply to: Jeff Williams @ Aspect: "Re: Vulnerability scanners"
Next in thread: R. DuFresne: "Re: Vulnerability scanners"
Next in thread: Rob Shein: "RE: Vulnerability scanners"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2003-03-27 at 19:58, Jeff Williams @ Aspect wrote:
> Let's assume that you're talking about 256 IPs (based on Qualys' published
> pricing), and you want to scan weekly.  That's at least a day a week of
> effort for someone (probably more to generate a very nice report and
> summaries).

Using Nessus with differential scanning, you can weekly scan 256 IPs and
analyse the report (in a normal production mode) in less than 1 or 2
hours. Just make a full scan every month to be sure that everything is
re-checked, and that's all ...

By the way, you can use the differential report to be sure that there's
some progress in the internal patching process.

Regards,
-- 
Nicolas Gregoire ----- Consultant en Sécurité des Systèmes d'Information
ngregoireat_private ------[ ExaProbe ]------ http://www.exaprobe.com/
PGP KeyID:CA61B44F  FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F

application/pgp-signature attachment: This is a digitally signed message part

Next message: Paris Stone: "Re: Vulnerability scanners"
Previous message: Alex Russell: "Re: Vulnerability scanners"
In reply to: Jeff Williams @ Aspect: "Re: Vulnerability scanners"
Next in thread: R. DuFresne: "Re: Vulnerability scanners"
Next in thread: Rob Shein: "RE: Vulnerability scanners"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Mar 27 2003 - 15:16:19 PST