Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Justifying the spend on a vulnerability scanner

From: Gene Yoo <gyoo () attbi com>
Date: Mon, 10 Mar 2003 10:32:30 -0800
JM wrote:

As the subject says, this is what I have got to do.
But does anyone have any thoughts to share, on how I can successfully convince my management that the spend on a vulnerability scanner is worthwhile. 

Thanks in advance

JM
first thing i had done was get numerous (nessus, saint, sara) VA tools and showed my management what it's capable of, then i had the vendors (four or five) write up their own comparison (TCO) on their product versus similar products (Eeye, Harris, ISS, etc..., they're more than willing to give you some comparison charts). then gave the management sample reports, price comparison, and justification for the cost for "due diligence" on my behalf. 

gene
--
<<gyoo [at] attbi [dot] com>>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)

iQCUAwUBPhxERRxoVYCzmrKXAQJK5gP3Y7CTsFyKpEz2p5W4GWI9+qSm+kWfdJ0R
xNlma0Ma9rAL/OBJcZMo5IXyXas+3Edogbv4Al6dIf8lot1WS0Iaxxl/cg2f7gf+
otf7LfNpZDE/6OzR7A1qN6baPMLSjGzywwQWMfSVuWWb6kGQxMsA13Kn68G7Ozxs
5CODZqUPyg==
=AolA
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: