Opinions on consolidating longitudinal views of machines

[Robert Jr Desilets <desilets () ISC UPENN EDU>]

Greetings,


We are looking to improve our longitudinal view of vulnerable and changing systems in our environment.  We currently 
use Nessus, nmap and our SourceFire IDS to see what our environment looks like.  How are folks handling results of 
various scans — are you using open-source projects like Lair, Dradis, or OSSIM to consolidate results?  We’ve 
considered Nessus Security Center, but it can get expensive when we start monitoring large numbers of IP addresses.


Thanks in advance!


Bob

~~~~~~~~~~~~~~~~
Bob DeSilets
Sr. Information Security Analyst
Information Systems and Computing
University of Pennsylvania
desilets () isc upenn edu
(215)573-6865

PGP Fingerprint:
CB8F 74C5 0F39 9181 AB73 37E9 73F8 11B2 5C59 9A05