Penetration Testing mailing list archives
Re: Vulnerability scanners
From: oherrera <oherrera () Prodigy Net mx>
Date: Thu, 27 Mar 2003 12:08:59 -0500
Mh... I believe there are many other costs involved. Does Qualys provide source code to signatures? What is the cost (time/resources) of investigating false positives without this information? On the other hand, with commercial products you have someone to blame if the performance or results of a product are not satisfactory (based on a contract), however, no matter how excelent nessus is, there is no one forced to give you support with nessus (unless you buy support from another company; I also believe Renaud Deraison was working on a distributed nessus architecture that might be based on appliances and provide you with commercial support but I'm not sure). Omar
Yesterday some reps from Qualys came with a sales presentation for their QualysGuard appliance. I'd like to solicit your comments and opinions on that product. In particular, do you think it's $45,000 per year better than Nessus? (That's about the cost we'd face based on our IP address range.) They claim it costs as much in administration to run Nessus. Does Qualys' claim to more vulnerability signatures and faster/easier updates hold water?
top spam and e-mail risk at the gateway. SurfControl E-mail Filter puts the brakes on spam & viruses and gives you the reports to prove it. See exactly how much junk never even makes it in the door. Free 30-day trial: http://www.surfcontrol.com/go/zsfptl1
Current thread:
- Vulnerability scanners Dan Lynch (Mar 27)
- RE: Vulnerability scanners Rob Shein (Mar 27)
- Re: Vulnerability scanners Anders Thulin (Mar 28)
- <Possible follow-ups>
- Re: Vulnerability scanners oherrera (Mar 27)
- Re: Vulnerability scanners Jeff Williams @ Aspect (Mar 27)
- Re: Vulnerability scanners Alvin Oga (Mar 27)
- RE: Vulnerability scanners Rob Shein (Mar 27)
- Re: Vulnerability scanners Alex Russell (Mar 27)
- Re: Vulnerability scanners Nicolas Gregoire (Mar 27)
- Re: Vulnerability scanners R. DuFresne (Mar 27)
- RE: Vulnerability scanners Ken Smith (Mar 27)
- RE: Vulnerability scanners Rosado, Rafael (Rafael) (Mar 27)
- RE: Vulnerability scanners Rosado, Rafael (Rafael) (Mar 27)
- Re: Vulnerability scanners Jeff Williams @ Aspect (Mar 27)
(Thread continues...)