Educause Security Discussion mailing list archives

Re: Vulnerability Scanner Recommendations

From: George Farah <george.farah () QUEENSU CA>
Date: Thu, 15 Nov 2012 19:02:08 +0000

Good day Greg

My recommendation. Start with establishing a process for what the VA needs to accomplish based on your environment and 
move towards choosing a scanner that will help in light of your resources, how thorough you need to be and what type of 
assessments your will be doing. for example, network scans or web application and operating systems scans or PCI 
related scans etc. etc.

We here use Nessus and Web inspect. Both are fantastic and easy to use.

Hope that helps

George Farah, GIAC/GSEC Gold, CRISC, CISA
University Information Systems Security Manager
Queen's University,

-----------------------------------------------------------
CONFIDENTIALITY CAUTION:
This communication and any attachments is for the use of the individual or entity to which it is addressed and may 
contain information that is privileged, proprietary, confidential and exempt from disclosure. If you are not the 
intended recipient you are notified that any dissemination, distribution, or copying of the communication is strictly 
prohibited. If you received this communication in error, please notify the sender and destroy this email immediately.

AVERTISSEMENT RELATIF À LA CONFIDENTIALITÉ:
Cet envoi (et toute pièce jointe) ne s'adresse qu'à la personne ou à l'entité à laquelle il est destiné. Il peut 
contenir des renseignements privilégiés, confidentiels et ne devant pas être divulgués. Si vous n'êtes pas le 
destinataire prévu,  nous vous avisons que toute dissémination, distribution ou copie de cet envoi est strictement 
interdite. Si vous receviez cet envoi par erreur, veuillez en aviser l'expéditeur et détruire ce courriel immédiatement.



________________________________


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Greg 
Schmalhofer
Sent: November-15-12 11:22 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Vulnerability Scanner Recommendations

Educause security group,

Can anyone recommend a particular vulnerability scanner software, product, appliance, or service that you are using at 
your campus? This is a need at our campus and I am trying to review the different options available for a small campus. 
Thanks for any help, insight, or feedback you can provide.

Thanks,
Greg Schmalhofer

Millersville University
Information Security Coordinator
Millersville, PA

Current thread:

Vulnerability Scanner Recommendations Greg Schmalhofer (Nov 15)
- Re: Vulnerability Scanner Recommendations Sigmon, Aaron (Nov 15)
  - Re: Vulnerability Scanner Recommendations Roger A Safian (Nov 15)
    - Re: Vulnerability Scanner Recommendations mccalluq (Nov 15)
- Re: Vulnerability Scanner Recommendations Walter Petruska (Nov 15)
- Re: Vulnerability Scanner Recommendations Kevin Wilcox (Nov 15)
- Re: Vulnerability Scanner Recommendations Shamblin, Quinn (Nov 15)
- Re: Vulnerability Scanner Recommendations George Farah (Nov 15)
- Re: Vulnerability Scanner Recommendations Barron Hulver (Nov 16)
- Re: Vulnerability Scanner Recommendations Kevin Halgren (Nov 16)
- Re: Vulnerability Scanner Recommendations John Ladwig (Nov 16)
- <Possible follow-ups>
- Vulnerability Scanner Recommendations Carlos Lobato (Nov 15)