Penetration Testing mailing list archives
RE: Vuln Scanning software choices
From: "Richard Zaluski" <rzaluski () ivolution ca>
Date: Sun, 19 Mar 2006 10:54:26 -0500
While CORE and Metasploit are great products (iVOLUTION uses both in our engagements) they are more on the Penetration side. I would look at Retina Network Security Scanner, ISS as well as SAINT (We also use SAINT) In our engagements we always employ two automated scanners so that results can be cross referenced to weed out potential false positives. Richard Zaluski CISO, Security and Infrastructure Services iVOLUTION Technologies Incorporated 905.309.1911 Ext 600 866.601.4678 Ext 600 www.ivolution.ca rzaluski () ivolution ca -----Original Message----- From: bill.louis () gmail com [mailto:bill.louis () gmail com] On Behalf Of Alice Bryson Sent: Friday, March 17, 2006 7:02 AM To: Tblinux Cc: pen-test () securityfocus com Subject: Re: Vuln Scanning software choices hi Core Impact and CANVAS are very good pen test tool. Metasploit is a free version of pen test tool, you could try it. 2005/11/11, Tblinux <TBLinux () covad net>:
I know that most if not all of you use or have used Nessus at some point. I've been following the thread. Now that it appears that Nessus is seriously ratcheting down support for independent consultants and corporate / gov't users without a registered and paid for license what scanning software are you considering? Has anyone done a *complete* comparison of all of the scanning software out there and made a choice based on the findings? If so what was it? I work for a fairly large company and the contract negotiations with Tenable are going poorly and the company I work for is looking at the options. Any input would be greatly appreciated!!!!
---------------------------------------------------------------------------- --
Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before
hackers do!
Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831
---------------------------------------------------------------------------- ---
-- Homepage:http://www.lwang.org We collect spam for research at: mailto:abryson () bytefocus com ---------------------------------------------------------------------------- -- This List Sponsored by: Cenzic Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025 And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com ---------------------------------------------------------------------------- -- ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025 And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com ------------------------------------------------------------------------------
Current thread:
- Re: Vuln Scanning software choices Louis Wang (Mar 18)
- Re: Vuln Scanning software choices yeesan wong (Mar 23)
- Re: Vuln Scanning software choices Alice Bryson (Mar 28)
- <Possible follow-ups>
- Re: Vuln Scanning software choices Alice Bryson (Mar 18)
- RE: Vuln Scanning software choices Richard Zaluski (Mar 19)
- RE: Vuln Scanning software choices Webster, Mark (Mar 20)
- Re: Vuln Scanning software choices yeesan wong (Mar 23)