Educause Security Discussion mailing list archives
Re: Vulnerability Scanner Recommendations
From: Kevin Wilcox <wilcoxkm () APPSTATE EDU>
Date: Thu, 15 Nov 2012 12:27:07 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, Nov 15, 2012 at 11:21:54AM -0500, Greg Schmalhofer wrote:
Can anyone recommend a particular vulnerability scanner software, product, appliance, or service that you are using at your campus? This is a need at our campus and I am trying to review the different options available for a small campus. Thanks for any help, insight, or feedback you can provide.
If you're looking for something to raise general awareness or you need something low-cost to justify one of the more expensive solutions, OpenVAS is a fork of Nessus 2.2. Nessus has a significantly larger vulnerability base and significant speed/threading improvements but for a smaller campus, limited budgets or as a proof-of-necessity, OpenVAS is a solid product. I vaguely remember it taking about twenty or thirty minutes to stand up an Ubuntu Server VM with OpenVAS ready to go. Yes, I use it regularly for scanning inside my department. Nessus is the gold standard in this space. It's a solid product and yes, we're customers. Nexpose from Rapid7 is solid but pricey. The generic reports are nearly identical to what you get from Nessus and OpenVAS but their remediation and custom reports are great, plus you get a product that can intimately interact with Metasploit (now a Rapid7 product as well). Call them, schedule a demo, it's very cool. We're not customers but I still appreciate what I've seen of it via friends in the VA/PT space and other institutions. AlienVault ships with OpenVAS (you can replace it with Nessus) and provides Snort and OSSEC, as well as some decent log aggregation/search (I prefer ELSA for logs but I digress...). They have an upgrade route from their free product (OSSIM) to their proprietary product and offer a 28-day evaluation of their "Unified Security Management" appliance. I had some issues with OSSIM in a virtual environment but that was a couple of years ago and they've made huge strides. I'm hoping to get one of the USMs on campus in the near future. Good luck! kmw -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAlClJeoACgkQsKMTOtQ3fKGi8wCfRKSqrIuwzTyKPWZ2kXSQRz4Q V50AoKuifVKBfnAMaF4d2s1pDLf0B35K =yyqH -----END PGP SIGNATURE-----
Current thread:
- Vulnerability Scanner Recommendations Greg Schmalhofer (Nov 15)
- Re: Vulnerability Scanner Recommendations Sigmon, Aaron (Nov 15)
- Re: Vulnerability Scanner Recommendations Roger A Safian (Nov 15)
- Re: Vulnerability Scanner Recommendations mccalluq (Nov 15)
- Re: Vulnerability Scanner Recommendations Roger A Safian (Nov 15)
- Re: Vulnerability Scanner Recommendations Walter Petruska (Nov 15)
- Re: Vulnerability Scanner Recommendations Kevin Wilcox (Nov 15)
- Re: Vulnerability Scanner Recommendations Shamblin, Quinn (Nov 15)
- Re: Vulnerability Scanner Recommendations George Farah (Nov 15)
- Re: Vulnerability Scanner Recommendations Barron Hulver (Nov 16)
- Re: Vulnerability Scanner Recommendations Kevin Halgren (Nov 16)
- Re: Vulnerability Scanner Recommendations John Ladwig (Nov 16)
- <Possible follow-ups>
- Vulnerability Scanner Recommendations Carlos Lobato (Nov 15)
- Re: Vulnerability Scanner Recommendations Sigmon, Aaron (Nov 15)