Security Basics mailing list archives
Thoughts on SAINT and SAINTmanager?
From: Ray Van Dolson <rvandolson () esri com>
Date: Wed, 10 Dec 2008 09:19:02 -0800
Hi all; I've been evaluating some security scanning products. I really like Nessus and have been leaning the Tenable Security Center way. However, during its evaluation I've run into some frustrating things that really hamper our workflow here.... I don't like how it's not very easy to link someone to a particular query or result. Sure i can save the query, or send someone instructions to navigate to a particular page of results, but why can't I just choose the URL in the Location bar of my browser and have that send the user to same location I was viewing? Reports beyond the boilerplate are also not easy to come up with. The template language isn't documented and although I know Tenable will assist with custom needs, reporting should be simpler. The lack of a standard database backend also is frustrating. I understand Tenable's way may be quicker, but I'd much prefer the convenience of a MySQL backend so I can run custom queries myself in situations where the API or interface doesn't make it easy to get out the information I want. Users also don't like the "non-intuitive" interface... Anyways, this brings me to the point where I'm looking for an alternative. I think Tenable has the nitty gritty down; I really like their updates, the NASL language and the community surrounding their product. That said, SAINT appeals to me because at a glance, their interface looks pretty slick and I like their MySQL backend. I have high hopes they might have a somewhat open API that I can use to interact with pieces of the product in a fairly easy way. Anyone have any experience with their product? How would you compare it? I'll be moving forward with an eval, but looking for feedback :) Thanks! Ray
Current thread:
- Thoughts on SAINT and SAINTmanager? Ray Van Dolson (Dec 10)