Re: Fully Automating Security Scanners

[Todd Haverkos <infosec () haverkos com>]

Anatoly Bodner <abodner () gmail com> writes:

> Has anyone ever looked into scripting/automating community or commercial
> security scanners? Are there utilities which anyone found helpful to support
> this? How effective and what aspects of automation have you been able to
> achieve, auto execution of regularly-scheduled scans, or creation and
> modification of new scans, targets, and outputs of reports?

Tenable Security Center is Tenable's solution to this issue for Nessus
scans... and it's pretty darned nice if you're in a place where you
need to do repeated and scheduled scans of an enterprise and manage
the results, see what's been mitigated and when, create dashboards of
trends, manage users with various trust levels (e.g. remediators only
get to see results for machines they're responsible for, don't get to
launch scans or break anything), search all results for keywords,
create custom audit files, and such goodies. 

Competitors of course seems to enjoy selling people on [their tool] vs
just Nessus and hope no one learns about the real analog to their
enterprise tool... is Security Center.  And they really don't seem to
want you to know that Security Center seems to run faster, even on far
lesser hardware, does credentialed unix scanning better, and has
customizeable dashboarding rather than pointing you towards buying
Archer or a GRC to get useful info out of the scan repository.

But competition is good, and hopefully the rivalries keep all the vuln
scanners getting better.


--
Todd Haverkos, LPT MsCompE
http://haverkos.com/
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com