Security Basics mailing list archives
Re: Justifying the spend on a vulnerability scanner
From: Gene Yoo <gyoo () attbi com>
Date: Mon, 10 Mar 2003 10:32:30 -0800
JM wrote:
As the subject says, this is what I have got to do.But does anyone have any thoughts to share, on how I can successfully convince my management that the spend on a vulnerability scanner is worthwhile.Thanks in advance JM
first thing i had done was get numerous (nessus, saint, sara) VA tools and showed my management what it's capable of, then i had the vendors (four or five) write up their own comparison (TCO) on their product versus similar products (Eeye, Harris, ISS, etc..., they're more than willing to give you some comparison charts). then gave the management sample reports, price comparison, and justification for the cost for "due diligence" on my behalf.
gene -- <<gyoo [at] attbi [dot] com>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) iQCUAwUBPhxERRxoVYCzmrKXAQJK5gP3Y7CTsFyKpEz2p5W4GWI9+qSm+kWfdJ0R xNlma0Ma9rAL/OBJcZMo5IXyXas+3Edogbv4Al6dIf8lot1WS0Iaxxl/cg2f7gf+ otf7LfNpZDE/6OzR7A1qN6baPMLSjGzywwQWMfSVuWWb6kGQxMsA13Kn68G7Ozxs 5CODZqUPyg== =AolA -----END PGP SIGNATURE-----
Current thread:
- Justifying the spend on a vulnerability scanner JM (Mar 10)
- Re: Justifying the spend on a vulnerability scanner Vlad Tsyrklevich (Mar 11)
- Re: Justifying the spend on a vulnerability scanner Gene Yoo (Mar 11)
- Re: Justifying the spend on a vulnerability scanner Kenzo (Mar 11)
- Re: Justifying the spend on a vulnerability scanner Pierre A. Cadieux (Mar 12)
- <Possible follow-ups>
- RE: Justifying the spend on a vulnerability scanner JM (Mar 11)
- Re: Justifying the spend on a vulnerability scanner Gerhard Rickert (Mar 12)
- RE: Justifying the spend on a vulnerability scanner mhunt (Mar 21)
- Re: Justifying the spend on a vulnerability scanner Gerhard Rickert (Mar 12)
- Re: Justifying the spend on a vulnerability scanner Chris Berry (Mar 11)
- RE: Justifying the spend on a vulnerability scanner David Gillett (Mar 12)
- Re: Justifying the spend on a vulnerability scanner Gerhard Rickert (Mar 13)
- Re: Justifying the spend on a vulnerability scanner Gerhard Rickert (Mar 13)
- RE: Justifying the spend on a vulnerability scanner David Gillett (Mar 12)
- Re: Justifying the spend on a vulnerability scanner David Vertie (Mar 13)
(Thread continues...)