Re: VA Vendor Tip?

["Jeff Moore" <cisoguy () gmail com>]

Apparently you didn't read my post.  You say you used to and that is the
point.  I am current Retina/REM customer and I have watched over the years
the product go backwards not forwards.  If you are still a customer like I
am you should be thinking of finding a new solution.  With the mass exodus
of employees over the last year there is nothing of value left.

OK research?  Yes, because I want to pay 50K to get details on a Yahoo IM
vulnerability.  No thank you.  Services like frsirt, secunia and even
symantec deep sight are years ahead and worth the investment.


On 6/7/07, mOses <trklisted () networksamurai org> wrote:
> I used did a VA analysis for a large company (38,000 nodes). I think the
> following are excellent products to look at.
>
> Retina/REM (the ability to support 'dod' type environments by being able
> to meet a 4 hour release cycle is important. Vulnerablity research is
> pretty good at the company which is always a bonus, weather it meets up
> to par with everyone....you can't please everyone right?)
>
> Nexpose (runs on linux and windows, also can do some metasploit type
> work and also some spi dynamics type xss stuff.... if you really need to
> do that however purchase core/canvas or spi dynamics...though right?)
>
> QualysGuard (an asp model... has its advantages such as everyone feeds
> back data to one central point...like fingerprinting info...)
>
> just my 2cents..
>
> mOses
> networksamurai.org
>
> The Sun wrote:
> > I have used Retina, Internet Scanner, GFI LNSS, and Nessus. Recently I
> > evaluated QualysGuard and would recommend it over all the others.
> > I have heard that nCircle has a good VA product too.
> >
> > The reporting is excellent. Plus the updates are very quick.
> >
> >
> >     ----- Original Message -----
> >     *From:* Jeff Moore <mailto:cisoguy () gmail com>
> >     *To:* dailydave () lists immunitysec com
> >     <mailto:dailydave () lists immunitysec com>
> >     *Cc:* full-disclosure () lists grok co uk
> >     <mailto:full-disclosure () lists grok co uk> ;
> >     Higgins () DarkReading com <mailto:Higgins () DarkReading com>
> >     *Sent:* Tuesday, June 05, 2007 9:14 PM
> >     *Subject:* [Dailydave] VA Vendor Tip?
> >
> >     Does anyone on the list have a good recommendation for a VA
> >     software vendor?  I am currently an eEye Retina customer but need
> >     to find a better solution with an actual development team in place
> >     to support that solution.  Is Tenable a good choice?
> >
> >
> >     http://www.darkreading.com/document.asp?doc_id=125486&WT.svl=news1_4
> >     <
> http://www.darkreading.com/document.asp?doc_id=125486&WT.svl=news1_4>
> >
> >     "Preview represents the third "pillar" of eEye's business, says
> >     Marc Maiffret, CTO and chief hacking officer for eEye, joining its
> >     flagship Retina Network Scanner and Blink endpoint security
> >     software. eEye made a name for itself after discovering, and
> >     naming, the infamous CodeRed worm in 2001. "
> >
> >     Third pillar?  The other two pillars are crumbling so they set up
> >     a third one to prop up what is left.  As a Retina customer I am
> >     very dissatisfied to see that eEye just fired the entire team
> >     responsible for Retina including guys like Ryan Permeh.  They also
> >     cut their QA team which will make bad products even worse.  Their
> >     engineering staff is down to three or four guys and they want to
> >     jump in the professional services game?
> >
> >     What research team are you trying to sell?  The only
> >     researcher you have left is this guy -
> >     http://datarescue.com/idabase/hallofshame.html and of course chief
> >     hacking officer who has never discovered a bug.
> >
> >     "eEye made a name for itself after discovering, and naming, the
> >     infamous CodeRed worm in 2001. "
> >
> >     It is now 2007.  What have you done lately eEye?  I don't think
> >     anyone cares that you "discovered" a 6 year old worm.  Your
> >     customers want stability and a future not a scheme (preview) for
> >     your VC to grab some extra cash before they turn out the lights.
> >
> >     So while you are chasing 50K from those who are still impressed by
> >     CodeRed and stolen copies of IDA your core customers, those who
> >     you have abandoned like you did the engineers responsible for
> >     those products will take their money to other more stable vendors
> >     that offer some sort of stability.
> >
> >     Maybe is time to throw in the towel.  If Retina is the flagship
> >     then that ship has sailed into some rocks and sunk.
> >
> >     -J
> >
> >
> ------------------------------------------------------------------------
> >     _______________________________________________
> >     Dailydave mailing list
> >     Dailydave () lists immunitysec com
> >     http://lists.immunitysec.com/mailman/listinfo/dailydave
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Dailydave mailing list
> > Dailydave () lists immunitysec com
> > http://lists.immunitysec.com/mailman/listinfo/dailydave
> >
>
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunitysec com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave