Educause Security Discussion mailing list archives
Re: OS Vuln Scanners
From: John Ladwig <John.Ladwig () CSU MNSCU EDU>
Date: Fri, 18 Apr 2008 12:06:16 -0500
We're liking nCircle in pilot/rollout for a large (35 institutions, ~70 locations, and ~100k endpoints) system with
lots of delegated responsibility. And the mindsset that it's *managing" vulnerabilities, not purely finding them.
Though nCircle appears to keep up about as well as other vuln scanners on a network-services, so far.
We haven't done a lot of work with authenticated scanning of hosts as yet, but the early adopters are pretty happy, and
it does seem to be very effective on Windows machines, at least on MS vulns. We haven't done a detailed tracking of
authenticated scanning versus 3d party application vulns as yet..
-jml
John Ladwig -
Minnesota State Colleges and Universities
ITS
Wells Fargo Place
30 7th St. E., Suite 350
St. Paul, MN 55101-7804
Email: John.Ladwig () csu mnscu edu
Voice: +1.651.201.1458
Fax: +1.651.917.4731
IM: xmpp:ladwigjo () jabber its mnscu edu
Aaron Kirby <akirbyco () GMAIL COM> 2008-04-18 11:27 >>>
I've seen nCircle used with pretty good success in distributed environments. Rick Holland wrote:
Kevin Lanning wrote:I'd appreciate info from list members regarding best products in this category from your real life experience as a security professional in higher ed. thanks,Kevin, We have an ISS appliance, but I actually prefer using Nessus. We also use Languard on windows hosts and I think that works well.
Current thread:
- OS Vuln Scanners Kevin Lanning (Apr 18)
- <Possible follow-ups>
- Re: OS Vuln Scanners Tumas, Jay (Apr 18)
- Re: OS Vuln Scanners Rick Holland (Apr 18)
- Re: OS Vuln Scanners Aaron Kirby (Apr 18)
- Re: OS Vuln Scanners John Ladwig (Apr 18)
- Re: OS Vuln Scanners Curt Wilson (Apr 18)
- Re: OS Vuln Scanners Brian Epstein (Apr 18)
- Re: OS Vuln Scanners Kevin Halgren (Apr 22)
- Re: OS Vuln Scanners Ferris, Joe (Apr 22)
- Re: OS Vuln Scanners Han Lievens (Apr 23)