Educause Security Discussion mailing list archives

Re: Penetration Testing Software

From: Jay Tumas <jay_tumas () HARVARD EDU>
Date: Tue, 10 Mar 2009 09:52:47 -0400

I will echo the comments below - The Core Security product and team
deliver some of the best pen testing performance and features on the
market today.  We've had great success with them over the years.

J

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Jay Tumas - BSEE, NSA/IAM&IEM
                      ~~~~~~~~~~~~~~~~~~~~
- Network Operations, Security and Incident Response Team Manager
- Longwood Medical Area Technical Subcommittee Chair
                      ~~~~~~~~~~~~~~~~~~~~
       Harvard University - UIS/Network Operations Center
                  60 Oxford Street, Suite 132
                      Cambridge, MA. 02138
                      ~~~~~~~~~~~~~~~~~~~~
       Office: 617-496-8500  Mobile Device: 617-733-6169
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"The first method for estimating the intelligence of a ruler is
to look at the men he has around him." - Niccolo Machiavelli



Karen Stopford wrote:


Core Impact is a little pricey, but you may get a break on licensing
costs and can reduce the overall price by limiting the number of
hosts/networks you scan at any given time.  Core also provides
external PEN testing services, and in my last analysis their
price/performance far outdid the competition.



Their Web site is http://www.coresecurity.com/ .





/C. Karen Stopford, CISSP/

/Associate Executive Officer for I.T. Security/

/CT State University System/

/39 Woodland Street/

/Hartford, CT  06105/

/(860) 493-0116/

_Note_: This email does is not intended to serve as an endorsement of
any product or service, and the opinion expressed herein is solely
that of the author based on prior private sector experience, and does
not in any way reflect the opinion or position of the CT State
University System.

*From:* The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *James R. Pardonek
*Sent:* Monday, March 09, 2009 5:24 PM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* [SECURITY] Penetration Testing Software



We are looking at penetration testing, either by a third party or by
using purchased software in-house.  I was curious what others were
doing, some costs and issues.



Thanks,



James R. Pardonek, CISSP

Senior Network Administrator

Network Infrastructure Management and Maintenance

Computing Technology and Information Services

Purdue University Calumet

Hammond, Indiana

Current thread:

Penetration Testing Software James R. Pardonek (Mar 09)
- <Possible follow-ups>
- Re: Penetration Testing Software Daniel Bennett (Mar 10)
- Re: Penetration Testing Software Karen Stopford (Mar 10)
- Re: Penetration Testing Software Joel Rosenblatt (Mar 10)
- Re: Penetration Testing Software Axworthy, Heather (Mar 10)
- Re: Penetration Testing Software Jay Tumas (Mar 10)
- Re: Penetration Testing Software Rue, Brian R. (Mar 10)
- Re: Penetration Testing Software King, Ronald A. (Mar 10)
- Re: Penetration Testing Software David Grisham (Mar 10)
- Re: Penetration Testing Software Curt Wilson (Mar 11)
- Re: Penetration Testing Software randy marchany (Mar 11)
- Re: Penetration Testing Software Christopher Jones (Mar 11)