Re: Enterprise Agent less cross platform Vulnerability Management tool

[Kenneth Walling <metajunkie () gmail com>]

I can empathize with the desire to have an all in one tool.  But - I'm not certain that having my detection and 
patching solution in the same package is desirable.  Each to his own, though.

I would give a look at Nessus.  Without the need for an agent, but provided with account credentials that are of a 
root, or administrative persuasion, you can probably get what you are looking for.  I would couple that with some 
remote management tools.  You could look into Apple Remote Desktop, if your central system will be a Mac. (you can get 
Nessus running on a Mac as well).  Chicken of the VNC would get you similar access to any windows or linux systems that 
the Apple Remote Desktop would not - you could also use that for the Mac systems (it is free).  However, I mentioned 
the Apple Remote Desktop, because it does much more than give you access.  You can push packages to the managed 
systems, and you can monitor them, and see OS version at a glance (for example). 

That being said, Mac computers are awesome at patching themselves.  I have been a quasi-serious Mac user since shortly 
after Apple got serious and decided to base the OS on a BSD sub-system and MACH micro-kernel.  I have NEVER in those 
years had a problem with a Mac not patching properly.  Compare this with Windows, where there are OFTEN problems with 
patches not completing successfully, getting hung, and/or clogging up the entire process, leaving a system vulnerable 
and an end user bewildered.  For that reason - I think you would be better off, if you can only build one system, to 
build a Windows system that can run WSUS. If you can have more than one system - then build out from there.

The notion that a software solution - or software package is "enterprise" because it is marketed as such, is a fallacy. 
 IMHO, a solution either scales to meet your needs, or it does not.  You can either get your job done with the tool, or 
you cannot.  I have heard folks say that tools were not "enterprise", just because they were not commercial.  I mention 
this as a caution.  Some of the best security tools in the world, are open source, or came from open source beginnings.

I would also suggest you get at the heart of why you cannot use an "agent".  Depending upon your definition of "agent", 
you may not have a choice.  I suspect you mean, by agent, a proprietary piece of software that needs to be added to 
each system and then adds more management and potentially another attack vector.  Would you consider a script running 
on these systems as an agent? It could be defined as such - but - it could also be a "free" (your time which isn't 
free, technically) source of an overall solution.

I hope my comments help. I'm sure someone will have a "complete solution" - but I would be wary of such.  In my 
twenty-plus years in this industry, I haven't seen a truly functional silver bullet yet.

Best of luck,

       Ken Walling
aka - Metajunkie

On Jun 26, 2012, at 1:21 AM, sfmailsbm () gmail com wrote:

> Hi all,
>
> Looking for an agentless solution to scan server park for (patchable) vulnerabilities
> Environment is a Mix of Windows, UNIX and MacOS hosts
>
> Objective is to be able to scan all the hosts identify patches that need to be installed, and deploy the patch 
> installation from the same central system - all agentless
>
> As you all know vulnerability management is one of the greatest challenges in an enterprise environment
>
> Please suggest any enterprise tool that meet these criteria...
>
> many thanks,
> Ron
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

Attachment: smime.p7s
Description: