Security Basics mailing list archives

RE: Vulnerability assessment with remediation tool

From: <ghall () TrustedCS com>
Date: Fri, 10 Sep 2010 13:21:54 -0400

Commercial product that performs Assessments, Remediation and Undo of
Linux Operating System Vulnerabilities. 


http://www.trustedcs.com/SecurityBlanket/SecurityBlanket.html - Security
Blanket

http://www.trustedcs.com/SecurityBlanket/SecurityBlanket-Try-Out.html -
Security Blanket Trial

http://tcs-security-blanket.blogspot.com/ - Security Blanket Blog

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Wim Remes
Sent: Thursday, September 09, 2010 6:32 PM
To: security-basics () securityfocus com; joshi.komban () caridianbct com
Subject: Re: Vulnerability assessment with remediation tool

Seriously people,

are we trying to help a bro out here ?  

The man asks for a technological solution that does (automated)
vulnerabilty assessments and allows him to use an integrated feature to
assign vulnerabilities found in his infrastructure to owners so he (or
his group) can follow up on the status of the vulns and get them
resolved within a reasonable timeframe (also known as remediation
workflow).

commercial
----------------
http://www.qualys.com (Qualysguard)
http://www.rapid7.com (Nexpose)
http://www.tenable.com (Nessus)

opensource
----------------
http://www.openvas.com in combination with http://www.seccubus.com
(which also supports Nessus)

http://www.openfisma.org shows some promise as a tool that can offer
remediation workflow for output from any of the solutions mentioned
above.


Cheers,
W

On 09 Sep 2010, at 22:51, Joe Saselli wrote:

I absolutely recommend using backtrack 4 / metasploit

On 9/9/10 12:47 PM, Justin Andrusk wrote:

Or bt4
Sent by Blackberry. Spelling errors may occur.

Justin Andrusk - ESA


    ----- Original Message -----
    From: "Romero, Israel" [ir808w () intl att com]
    Sent: 09/09/2010 02:26 PM AST
    To: "ajay.cedt () gmail com"<ajay.cedt () gmail com>;
"security-basics () securityfocus com"<security-basics () securityfocus com

; "joshi.komban () caridianbct com"<joshi.komban () caridianbct com>

    Subject: RE: Vulnerability assessment with remediation tool Or 
you can try with knoppix



-----Original Message-----
From: listbounce () securityfocus com 
[mailto:listbounce () securityfocus com] On Behalf Of 
ajay.cedt () gmail com
Sent: Jueves, 09 de Septiembre de 2010 10:55 a.m.
To: security-basics () securityfocus com; joshi.komban () caridianbct com
Subject: RE: Vulnerability assessment with remediation tool

why do not you start with backtrack? easy and free with almost all 
required features

-----------------------
Sent via MVL Connect


 ---Original Text---
 From: joshi.komban () caridianbct com
Sent: Thu Sep 9 2010 21:01:35
To: security-basics () securityfocus com;
Subject: Vulnerability assessment with remediation tool
---------------------------------------
Anyone has any good suggession on the tools that is availbale in the 
market in the areas of Vulnerability assessement + remediation in

single product?


---------------------------------------------------------------------
--- Securing Apache Web Server with thawte Digital Certificate In 
this guide we examine the importance of Apache-SSL and who needs an 
SSL certificate.  We look at how SSL works, how it benefits your 
company and how your customers can tell if a site is secure. You will

find out how to test, purchase, install and use a thawte Digital 
Certificate on your Apache web server. Throughout, best practices for

set-up are highlighted to help you ensure efficient ongoing 
management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be
442f727d1

---------------------------------------------------------------------
---



---------------------------------------------------------------------
--- Securing Apache Web Server with thawte Digital Certificate In 
this guide we examine the importance of Apache-SSL and who needs an 
SSL certificate.  We look at how SSL works, how it benefits your 
company and how your customers can tell if a site is secure. You will

find out how to test, purchase, install and use a thawte Digital 
Certificate on your Apache web server.
Throughout, best practices for set-up are highlighted to help you 
ensure efficient ongoing management of your encryption keys and 
digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be
442f727d1

---------------------------------------------------------------------
---




---------------------------------------------------------------------
--- Securing Apache Web Server with thawte Digital Certificate In 
this guide we examine the importance of Apache-SSL and who needs an

SSL certificate.  We look at how SSL works, how it benefits your company
and how your customers can tell if a site is secure. You will find out
how to test, purchase, install and use a thawte Digital Certificate on
your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your
encryption keys and digital certificates.


http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be
442f727d1
---------------------------------------------------------------------
---


--
__

Joe Saselli
Manager - Global Information Systems Security&  Network Engineering 
Global Infrastructure Operations Shared Services Division-TPS

MIT - Information Technology, Internet Security BIT - Information 
Technology, Systems Administration ITIL Certified

GIO - Real Networks, Inc.
2601 Elliott Avenue
Seattle, WA 98121

jsaselli () real com

Office: +1.206.892.6058
Mobile: +1.206.499.0228

www.real.com


----------------------------------------------------------------------
-- Securing Apache Web Server with thawte Digital Certificate In this 
guide we examine the importance of Apache-SSL and who needs an SSL

certificate.  We look at how SSL works, how it benefits your company and
how your customers can tell if a site is secure. You will find out how
to test, purchase, install and use a thawte Digital Certificate on your
Apache web server. Throughout, best practices for set-up are highlighted
to help you ensure efficient ongoing management of your encryption keys
and digital certificates.


http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be4
42f727d1
----------------------------------------------------------------------
--

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide
we examine the importance of Apache-SSL and who needs an SSL
certificate. We look at how SSL works, how it benefits your company and
how your customers can tell if a site is secure. You will find out how
to test, purchase, install and use a thawte Digital Certificate on your
Apache web server. Throughout, best practices for set-up are highlighted
to help you ensure efficient ongoing management of your encryption keys
and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

Re: Vulnerability assessment with remediation tool, (continued)
- Re: Vulnerability assessment with remediation tool Todd Haverkos (Sep 10)
- RE: Vulnerability assessment with remediation tool ajay . cedt (Sep 09)
  - RE: Vulnerability assessment with remediation tool Romero, Israel (Sep 09)
    - Re: Vulnerability assessment with remediation tool DaKahuna (Sep 10)
- Re: Vulnerability assessment with remediation tool Justin Andrusk (Sep 09)
  - Re: Vulnerability assessment with remediation tool Adam L. Simms (Sep 09)
  - Re: Vulnerability assessment with remediation tool Joe Saselli (Sep 09)
    - Re: Vulnerability assessment with remediation tool Wim Remes (Sep 10)
    - Re: Vulnerability assessment with remediation tool Omar Salvador Alcalá Ruiz (Sep 10)
    - Re: Vulnerability assessment with remediation tool David Kovar (Sep 13)
    - RE: Vulnerability assessment with remediation tool ghall (Sep 10)
    - Re: Vulnerability assessment with remediation tool YGN Ethical Hacker Group (Sep 10)
    - Re: Vulnerability assessment with remediation tool Osman Surkatty (Sep 10)