Re: Host Based Vulnerability Scanner

[steveo1620 () gmail com]

Tripwire Enterprise has that functionality too. 

On Dec 19, 2011, at 4:16 PM, Todd Haverkos <infosec () haverkos com> wrote:

> Thugzclub Thugzclub <thugzclub () googlemail com> writes:
> > Hi guys,
> >
> > I am looking for a host based vulnerability scanning application.
> >
> > I Nessus and other tools scan can network facing application and tell
> > you whether they are vulnerable or not but I am looking for a host
> > based solution similar to Secunia PSI
>
> Secunia sells CSI which does exactly what you'd expect based on your
> PSI experience, but is aimed at corporate environments. 
>
> However, I think you'd be happier doing credentialed scanning without
> the pain of a host based agent to maintain and have consuming memory
> and resources on every single machine and virtual image in your
> environment.  
>
> I looked pretty hard at this space a year ago and installed BigFix,
> LanDesk, Rapid7 Nexpose and Tenable Security Center.  Secunia CSI we
> looked at but as they lacked a remediation workflow, and didn't
> support unix, we ruled them out.  The host based approaches are about
> 2x as expensive for the same IP count and have the agent footprint to
> maintain.  They also tend to come from companies that don't track
> vulnerabilities (e.g Bigfix, Landesk) nearly as well as security
> companies (Tenable, Rapid7, Secunia) do.  Secunia is really the only
> serious player to track that many applications in a host based agent,
> as they have a wonderful dataset to play with courtesy of willing PSI
> users.  You'll find the app support to be relatively narrow in the
> other host based players.  Be sure to ask for a supported app list
> when shopping for these! 
>
> On the remote vuln scanner side, though, plugin accuracy and
> application support breadth for client-side apps is really excellent
> with Nessus from Tenable.  If you need enterprise goodies like
> dashboards, trending, metrics, support for multiple users to separate
> scan and credential handling duties from those who need a read only
> view in order to do remediation, then Tenable Security Center will be
> possibly interesting to you.  If all you need to know is what hosts
> are vulnerable NOW and your environment is small enough to not need
> trending scheduling and multiple user support, you might be able to
> get away with a Nessus pro feed license which is ~$1500/year if memory
> serves.  
>
> Good luck! 
>
> Best Regards, 
> --
> Todd Haverkos, LPT MsCompE
> http://haverkos.com/
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------