Re: RE: Vulnerability Assessment

[sam.d101 () gmail com]

I have used all the 3 tools listed in the conversation.

Foundstone: the one I recommend for SME since the nature of the software and licensing is more easier to manage than 
QualysGuard, the depth of Vulnerability Assessment is almost same on both since most of vulnerability assessment tool 
works on predefined CVS database, however what’s important to understand is the ability of the software to manipulate 
based on circumstances, I mean auto module stealth scanning which is more advanced in QualysGuard. 
So if you are considering for enterprise wide scanning then I would recommend QualysGuard else foundstone. 

Core Impact: Is more into automated penetration testing, very usefull if you know to write your own modules in Python. 
Expensive tool.

Regards
Santosh
CISSP, CISM