Re: Vulnerability scanning and reporting software

["Ferris, Joe" <jferris () ADMIN FSU EDU>]

David -

 

We have had a lot of success with Rapid7's NeXpose vulnerability
scanner.  NeXpose is an intricate part of our overall vulnerability and
risk management program as well as our more specific campus
client/server audit program.  One of the main reasons that we purchased
this solution is for the reporting capabilities.  The remediation
reporting clearly lays out a path for the departmental sysadmin to
follow explaining corrective actions for each vulnerability/exposure.
Previously our decentralized structure created challenges for
distributing scan information to the departmental representatives, now
we setup their accounts with the proper access and let them get to work.
We still have the overall view of the university while each department
only see's their managed assets.  Feel free to send me a note off list
if you would like more specifics; use of the scanner, audit program,
etc...

 

NeXpose:

http://rapid7.com/nexpose/overview.jsp 

 

 

Joe Ferris

Network Security Engineer

Florida State University

IT Security Team

jferris () fsu edu 

 

 

 

From: David Taylor [mailto:ltr () ISC UPENN EDU] 
Sent: Thursday, November 01, 2007 12:37 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Vulnerability scanning and reporting software

 

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

Hi all,

 

 

 

As everyone else we have various systems on our campus that either
provide critical infrastructure, hosts some kind of sensitive data, etc.
We call these Critical Hosts and have a database to keep track of them.

 

 

 

We would like to take a more proactive step in ensuring they are
up-to-date with patches (OS and 3rd party), identify weak passwords and
other weaknesses.  We are a decentralized campus for the most part and
dont have a campus-wide Active Directory infrastructure.

 

 

 

Our Critical Hosts run various operating systems which include Microsoft
Windows, UNIX, Linux and Mac  OS X. We are hoping to find a solution
that will be compatible on these platforms and have the ability to send
alerts to a central console so that we can check the status of each
system on a monthly (or on demand) basis.

 

 

 

We had eEye Digital come out to give us a presentation on their Retina
and REM console.  I was hoping that some of you might have some
suggestions for other Vendors that do this type of thing.  We would like
to get a list together and compare functionality and cost then maybe
evaluate.

 

 

 

We would appreciate any suggestions.

 

 

 

 

- -------------------------------

David Taylor

University of Pennsylvania

Office of Information Security

215-898-1236

- -------------------------------

 

 

 

The information contained in this e-mail message is intended only for
the personal and confidential use of the recipient(s) named above. If
the reader of this message is not the intended recipient or an agent
responsible for delivering it to the intended recipient, you are hereby
notified that you have received this document in error and that any
review, dissemination, distribution, or copying of this message is
strictly prohibited. If you have received this communication in error,
please notify us immediately by e-mail, and delete the original message.

 

 

 

 

-----BEGIN PGP SIGNATURE-----

Version: 9.6.3 (Build 3017)

 

wj8DBQFHKgDDrFOwyUiOUlwRAjoIAJ0R6+2sW++4sc+XOw5U9ydrnSSDmwCgqMA9

aPJMDIdd8Ch2QmCoUZ9b/2k=

=UicG

-----END PGP SIGNATURE-----