Security Basics mailing list archives
Re: Justifying the spend on a vulnerability scanner
From: "Gerhard Rickert" <rickert () ocn ad jp>
Date: Thu, 13 Mar 2003 10:16:34 +0900
sorry for the multi post.... here is the English site. http://www.networkinstruments.com/products/observer.html What is the link to Observer?
-----Original Message----- From: Gerhard Rickert [mailto:rickert () ocn ad jp] Sent: Tuesday, March 11, 2003 6:15 PM To: security-basics () securityfocus com Subject: Re: Justifying the spend on a vulnerability scanner Just a thought in this area...what do you think of Observer. Is it an overpriced tool? Would it work for what Mr. Berry wants?
----- Original Message ----- From: "David Gillett" <gillettdavid () fhda edu> To: <security-basics () securityfocus com> Sent: Wednesday, March 12, 2003 4:56 AM Subject: RE: Justifying the spend on a vulnerability scanner
From: JM <jamesmcgeeiom () onetel net uk> As the subject says, this is what I have got to do. I could dream up loads of examples of; if we don't detect a code read virus and we get it, then it will knock out our webservers and others until we fix it. if we have open null shares on the network, and unrestricted access to remote registries people can do what they want....... But does anyone have any thoughts to share, on how I can successfully convince my management that the spend on a vulnerability scanner is worthwhile.Vulnerability scanners don't have an inherent ROI of their own. Once you've got commitment to FIX holes before they are exploited, then you can easily justify a tool or two to FIND the holes that need fixing. But finding the holes is no help if nothing will be done about them. David Gillett
Current thread:
- Re: Justifying the spend on a vulnerability scanner, (continued)
- Re: Justifying the spend on a vulnerability scanner Vlad Tsyrklevich (Mar 11)
- Re: Justifying the spend on a vulnerability scanner Gene Yoo (Mar 11)
- Re: Justifying the spend on a vulnerability scanner Kenzo (Mar 11)
- Re: Justifying the spend on a vulnerability scanner Pierre A. Cadieux (Mar 12)
- RE: Justifying the spend on a vulnerability scanner JM (Mar 11)
- Re: Justifying the spend on a vulnerability scanner Gerhard Rickert (Mar 12)
- RE: Justifying the spend on a vulnerability scanner mhunt (Mar 21)
- Re: Justifying the spend on a vulnerability scanner Gerhard Rickert (Mar 12)
- Re: Justifying the spend on a vulnerability scanner Chris Berry (Mar 11)
- RE: Justifying the spend on a vulnerability scanner David Gillett (Mar 12)
- Re: Justifying the spend on a vulnerability scanner Gerhard Rickert (Mar 13)
- Re: Justifying the spend on a vulnerability scanner Gerhard Rickert (Mar 13)
- RE: Justifying the spend on a vulnerability scanner David Gillett (Mar 12)
- Re: Justifying the spend on a vulnerability scanner David Vertie (Mar 13)
- RE: Justifying the spend on a vulnerability scanner Buyer Jr, David (Mar 24)