Security Basics mailing list archives
Re: Vulnerability scanner/appliance
From: "Derek Nash" <ddnash () gmail com>
Date: Fri, 31 Aug 2007 07:30:37 -0500
There is no such thing as PCI Approved. Any vulnerability scanner will do to get the auditors check mark. However the diligent security professional should be looking for a solution that address the entire vulnerability management lifecycle. Love those buzz words, but its true. You need something that identifies, prioritizes, escalates, and finally closes the vulnerabilities throughout the remediation process. On 30 Aug 2007 14:40:21 -0000, kocherk () knology net <kocherk () knology net> wrote:
My employer is about to be assessed for PCI compliance. One of the requirements that we've not yet met is a quarterly internal network vulnerability scan. I've used Nessus for these scans in the past, but does anyone know of a PCI-approved scanning utility/appliance? Keith
-- Best Regards, Derek Nash
Current thread:
- Vulnerability scanner/appliance kocherk (Aug 30)
- Message not available
- Re: Vulnerability scanner/appliance c0unter14 (Aug 31)
- Message not available
- Re: Vulnerability scanner/appliance Derek Nash (Aug 31)