Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Metasploit and NeXpose

From: Joel Rosenblatt <joel () COLUMBIA EDU>
Date: Wed, 13 Jan 2010 22:29:26 -0500
Hi,

We have been using Nexpose for over a year and are happy with the product.

Thanks,
Joel Rosenblatt

Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel


--On Thursday, January 14, 2010 11:10 AM +1000 Greg Vickers <g.vickers () qut edu au> wrote:


Hi all,

We are reviewing scanning tools to apply to our web environment to find the problems before the bad guys do.  I've gone 
back through the list archive and
read the "Rapid7 NeXpose" thread from June last year.

I've just spoken to a sales manager from Rapid7 (I was impressed, he called me in Australia after the web interface to 
request further information broke and
I wound up emailing sales () rapid7 com) and got the blurb from them about the difference between Metasploit and 
NeXpose.

I was wondering who here uses Metasploit or NeXpose and would be very interested in finding out if anyone has moved 
from Metasploit to NeXpose.

We currently use Nessus for doing OS level scans and the basic cgi/web based scans Nessus can do.  I would be interested in 
hearing people's opinions on the
advantages or otherwise between Nessus and Metasploit/NeXpose.

Thanks,
--
Greg Vickers
Phone: +61 7 3138 6902
Project Manager, IT Security Program
Queensland University of Technology, CRICOS No. 00213J





Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
Previous By Date Next
Previous By Thread Next

Current thread: