Security Basics mailing list archives
Re: Host Based Vulnerability Scanner
From: steveo1620 () gmail com
Date: Mon, 19 Dec 2011 16:21:22 -0600
Tripwire Enterprise has that functionality too.

On Dec 19, 2011, at 4:16 PM, Todd Haverkos <infosec () haverkos com> wrote:

> Thugzclub Thugzclub <thugzclub () googlemail com> writes:
>
>> Hi guys, I am looking for a host based vulnerability scanning application. I Nessus and other tools can scan network facing application and tell you whether they are vulnerable or not but I am looking for a host based solution similar to Secunia PSI
>
> Secunia sells CSI which does exactly what you'd expect based on your PSI experience, but is aimed at corporate environments. However, I think you'd be happier doing credentialed scanning without the pain of a host based agent to maintain and have consuming memory and resources on every single machine and virtual image in your environment.
>
> I looked pretty hard at this space a year ago and installed BigFix, LanDesk, Rapid7 Nexpose and Tenable Security Center. Secunia CSI we looked at but as they lacked a remediation workflow, and didn't support unix, we ruled them out.
>
> The host based approaches are about 2x as expensive for the same IP count and have the agent footprint to maintain. They also tend to come from companies that don't track vulnerabilities (e.g. Bigfix, Landesk) nearly as well as security companies (Tenable, Rapid7, Secunia) do. Secunia is really the only serious player to track that many applications in a host based agent, as they have a wonderful dataset to play with courtesy of willing PSI users. You'll find the app support to be relatively narrow in the other host based players. Be sure to ask for a supported app list when shopping for these!
>
> On the remote vuln scanner side, though, plugin accuracy and application support breadth for client-side apps is really excellent with Nessus from Tenable. If you need enterprise goodies like dashboards, trending, metrics, support for multiple users to separate scan and credential handling duties from those who need a read only view in order to do remediation, then Tenable Security Center will be possibly interesting to you.
>
> If all you need to know is what hosts are vulnerable NOW and your environment is small enough to not need trending, scheduling and multiple user support, you might be able to get away with a Nessus pro feed license which is ~$1500/year if memory serves.
>
> Good luck!
>
> Best Regards,
> --
> Todd Haverkos, LPT MsCompE
> http://haverkos.com/

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Current thread:
- Host Based Vulnerability Scanner Thugzclub Thugzclub (Dec 19)
- Re: Host Based Vulnerability Scanner Todd Haverkos (Dec 19)
- Re: Host Based Vulnerability Scanner steveo1620 (Dec 19)
- Re: Host Based Vulnerability Scanner Jeffrey Walton (Dec 19)
- Re: Host Based Vulnerability Scanner Todd Haverkos (Dec 19)
- RE: Host Based Vulnerability Scanner Sheldon Malm (Dec 20)
- Re: Host Based Vulnerability Scanner Todd Haverkos (Dec 19)
- Re: Host Based Vulnerability Scanner Todd Haverkos (Dec 19)