Security Basics mailing list archives
Re: Security scanning tools
From: Devilscrow Sr <devilscrow () gawab com>
Date: Tue, 16 Dec 2003 02:05:27 +0530
Hi Jack, My answers inline... Jack Solomon wrote:
My questions to the group are:1. What tool[s] should I look to buy that that correctly reports security vulnerabilties with the least false positives?
Firstly, mbsa for me is more of a information gathering tool that also does some basic security checks. Secondly, some amount of post scan analysis / verification is always very important and required to get better results out of your vulnerability scans. This will help you reduce the number of false positives.
2. Are false positives a known [feature] of all scanning tools?
Oh, yes ! That goes without saying..... -dev --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Security scanning tools Jack Solomon (Dec 15)
- Re: Security scanning tools Carlton Foster (Dec 15)
- Re: Security scanning tools Devilscrow Sr (Dec 15)
- Re: Security scanning tools Chris Burton (Dec 15)
- SV: Security scanning tools Kim Guldberg (Dec 16)
- <Possible follow-ups>
- Re: Security scanning tools H Carvey (Dec 15)
- RE: Security scanning tools KoRe MeLtDoWn (Dec 15)