Re: Fully Automating Security Scanners

[Ron Gula <rgula () tenable com>]

On 6/11/2011 12:09 PM, Anatoly Bodner wrote:
> Has anyone ever looked into scripting/automating community or commercial
> security scanners? Are there utilities which anyone found helpful to
> support this? How effective and what aspects of automation have you been
> able to achieve, auto execution of regularly-scheduled scans, or
> creation and modification of new scans, targets, and outputs of reports?
>
> Anatoly
> abodner () gmail com <mailto:abodner () gmail com>

Hi there,

We have two white papers about Tenable's approach of combining
distributed active scanning with distributed passive scanning. Our
enterprise solution is referred to as Unified Security Monitoring.

Here are links to the papers with no need to fill out forms or enter in
fake gmail accounts:

Unified Security Monitoring Best Practices
http://www.nessus.org/expert-resources/whitepapers/unified-security-monitoring-best-practices

Firewall and Boundary Auditing
http://www.nessus.org/expert-resources/whitepapers/firewall-and-boundary-auditing

The firewall and boundary auditing paper takes the concept of putting a
scanner or sniffer outside your firewall to audit what ports are open to
new levels.

-- 
Ron Gula, CEO
Tenable Network Security
http://www.tenable.com



_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com