Educause Security Discussion mailing list archives
Re: OS Vuln Scanners
From: John Ladwig <John.Ladwig () CSU MNSCU EDU>
Date: Fri, 18 Apr 2008 12:06:16 -0500
We're liking nCircle in pilot/rollout for a large (35 institutions, ~70 locations, and ~100k endpoints) system with lots of delegated responsibility. And the mindsset that it's *managing" vulnerabilities, not purely finding them. Though nCircle appears to keep up about as well as other vuln scanners on a network-services, so far. We haven't done a lot of work with authenticated scanning of hosts as yet, but the early adopters are pretty happy, and it does seem to be very effective on Windows machines, at least on MS vulns. We haven't done a detailed tracking of authenticated scanning versus 3d party application vulns as yet.. -jml John Ladwig - Minnesota State Colleges and Universities ITS Wells Fargo Place 30 7th St. E., Suite 350 St. Paul, MN 55101-7804 Email: John.Ladwig () csu mnscu edu Voice: +1.651.201.1458 Fax: +1.651.917.4731 IM: xmpp:ladwigjo () jabber its mnscu edu
Aaron Kirby <akirbyco () GMAIL COM> 2008-04-18 11:27 >>>
I've seen nCircle used with pretty good success in distributed environments. Rick Holland wrote:
Kevin Lanning wrote:I'd appreciate info from list members regarding best products in this category from your real life experience as a security professional in higher ed. thanks,Kevin, We have an ISS appliance, but I actually prefer using Nessus. We also use Languard on windows hosts and I think that works well.
Current thread:
- OS Vuln Scanners Kevin Lanning (Apr 18)
- <Possible follow-ups>
- Re: OS Vuln Scanners Tumas, Jay (Apr 18)
- Re: OS Vuln Scanners Rick Holland (Apr 18)
- Re: OS Vuln Scanners Aaron Kirby (Apr 18)
- Re: OS Vuln Scanners John Ladwig (Apr 18)
- Re: OS Vuln Scanners Curt Wilson (Apr 18)
- Re: OS Vuln Scanners Brian Epstein (Apr 18)
- Re: OS Vuln Scanners Kevin Halgren (Apr 22)
- Re: OS Vuln Scanners Ferris, Joe (Apr 22)
- Re: OS Vuln Scanners Han Lievens (Apr 23)