Educause Security Discussion mailing list archives
Re: Vulnerability Management Product.
From: "Keller, Alex" <axkeller () STANFORD EDU>
Date: Tue, 31 Mar 2015 01:42:24 +0000
Hi Robert, Both Qualys and Rapid7 (Nexpose) are mature and potentially effective products in the vulnerability management genre. Ultimately the success of your initiative will likely depend more on the remediation lifecycle process and buy in from management/stakeholders (the carrot & stick), than which specific tool(s) you select. I would strongly recommend running a scoped pilot to inform steps toward a wider deployment. Qualys or Rapid7 (or other top vendor in this space) should be happy to accommodate a free test drive of their product, providing an invaluable opportunity to run it through the paces in your environment while measuring the responsiveness of their sales and support team. This 2013 Gartner MarketScope for Vulnerability Assessment is a bit dated but provides a good entry point (not vouching for the satisnet.co.uk site, they just happen to have a copy of the report for linking): http://www.satisnet.co.uk/pdfs/Gartner-MarketScope-Vulnerability-Assessment-2013.pdf I'd be happy to chat offline about our experiences, pitfalls, etc. Best, Alex Alex Keller Information Technology Stanford School of Engineering axkeller () stanford edu (650) 736-6421 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Robert Olivarez Sent: Monday, March 30, 2015 9:39 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Vulnerability Management Product. Hi, is anyone using a Vulnerability Management tool? We are looking at the following products and were wondering if anyone had any input. Qualys Trustwave NetIQ Rapid 7 RSAM Robert Olivarez Technology Security Awareness Specialist Technology Security Services, ITS New York University http://www.nyu.edu/its/security
Current thread:
- Vulnerability Management Product. Robert Olivarez (Mar 30)
- Re: Vulnerability Management Product. David D Grisham (Mar 30)
- Re: Vulnerability Management Product. Brenda B. Gombosky (Mar 30)
- Re: Vulnerability Management Product. Robert Olivarez (Mar 30)
- Re: Vulnerability Management Product. Brenda B. Gombosky (Mar 30)
- Re: Vulnerability Management Product. Keller, Alex (Mar 30)
- Re: Vulnerability Management Product. David D Grisham (Mar 30)