Educause Security Discussion mailing list archives
Re: Vulnerability scanners - what do you use? What seems to be successful for your environment?
From: Stewart James <Stewart.James () VU EDU AU>
Date: Wed, 26 May 2010 12:19:01 +1000
Hi Cathy,

We use Qualys here for vulnerability management. While we used Nessus for many years to perform vulnerability scanning, we really needed to start managing our issues. Qualys is essentially a cloud service with a small plug-and-play internal scanner located within our network. Management of the actual service is pretty much nothing, as Qualys manage the web interface centrally and automatically maintain the internal scanner. We have established a regular scanning routine, and administrators are given access to their systems' results, generating reports as they like.

From my perspective it has been a fantastic system, as I can generate high-level reports, such as the top 10 most prevalent vulnerabilities and a high-level summary including trends of vulnerabilities. When a resolution for a vulnerability is performed, Qualys automatically detects it and closes the relevant issue; if an admin flags a weakness to be ignored, the system will stop reporting that weakness, though it can still be seen in the "Ignored vulnerabilities" report.

Qualys also has policy compliance (e.g. CIS benchmarking) capabilities and can also perform web vulnerability scanning. We have not yet started compliance scanning and we are not licensed for the web application scanner. We have been using Acunetix to perform our web application scanning. It is fairly straightforward and easy to use, at least worth the time playing with the demo.

If budget is a concern, I found Qualys to be very competitive, but Nessus Pro feed coupled with Inprotect (http://inprotect.sf.net) may be a workable model for managing vulnerabilities.

Of course, if you really are just wanting to perform ad hoc vulnerability scanning and reporting... Nessus wins hands down! Other solutions (including Tenable's commercial offering) are really only useful once considering the overall "management" versus "scanning".

Cheers,
Stewart

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ullman, Catherine
Sent: Wednesday, 26 May 2010 1:13 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Vulnerability scanners - what do you use? What seems to be successful for your environment?

Greetings!

I am beginning to do some research into vulnerability scanners to be used in assessing infrastructure weaknesses here at the University at Buffalo. I'm wondering if folks out there might be willing to share with us what they're using, if anything, and any experiences (good or bad) you've had with any of these products.

Many thanks in advance for your assistance.

Sincerely,
Cathy

Catherine J. Ullman
Information Security Analyst
Information Security Office
University at Buffalo
cende () buffalo edu