Re: commercial va

[Mark Gumennik <mgumennik () mitre org>]

Below are some of the products. Don't remember which ones were tested
and which ones are actually host scanners (some of them have both), so
you guys can through more stones at me.
I did not include 2 more proprietary VAs. BTW, one of them gave me 12
times (!) more vulnerabilities then ISS. None of them made sense...;-)
Mark
:
www.nessus.org

www.eeye.com
www.intrusion.com
www.okena.com
www.ca.com
www.cisco.com
www.netgear.com
www.niksun.com
www.STATonline.com
www.entercept.com
www.enterasys.com/ids
www.ubizen.com
www.counterpane.com
www.iss.net
www.nokia.com
www.tripwire.com
www.symantec.com
www.exodus.net
www.datareturn.com
www.kavado.com
www.netiq.com
www.visualware.com
www.sanctuminc.com
www.STATonline.com

Anton Chuvakin wrote:
> > Plus, there are at least half a dozen other good products!
> Half a dozen more scanners which are "good", which I define as "have an
> up-to-date database of exploits/checks for multiple OS
> (UNIX/Win/IOS/...)"? Where are all those products? How low profile they
> are? I assume you count products and not services (such as Qualys and
> Foundstone), which are reportedly good, but IMHO are in somewhat different
> market.
>
> It is entirely possibly to build a scanner in your garage :-), but keeping
> up with all the exploits/vulns is a major effort.
>
> Best,
> --
>   Anton A. Chuvakin, Ph.D., GCI*
>      http://www.chuvakin.org
>    http://www.info-secure.org

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards