Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Pentesting tool - Commercial

From: "Andre Gironda" <andreg () gmail com>
Date: Tue, 26 Feb 2008 12:45:49 -0700
On Tue, Feb 26, 2008 at 1:39 AM, Ramki B <bramkie () gmail com> wrote:

 Core Impact is the best fit for my requirement followed by ISS. And for VA
 Nessus is the best choice.


ISS and Nesss are redundant.  Most people prefer neXpose or Qualys to
Nessus, and some even prefer Foundscan to Nessus (for reporting,
although I don't know why personally).  There were some recent
[pulled] evaluations and neXpose came out way ahead, although like
I've mentioned on other lists, the best-of-breed would be to combine
Rapid7 neXpose with Tenable PVS.

Core Impact is fine, but what about the other 400 exploits packaged
with CANVAS, Gleg/Argeniss, and Metasploit?  I haven't even included
the CANVAS sharing alliance or D2 pack statistics, which I don't
really have readily available.  Core Impact barely has 200 exploits
all by itself.

Cheers,
Andre

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: