PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Security Weekly] SecurityCenter alternative

From: Steven McGrath <smcgrath () tenable com>
Date: Mon, 4 Aug 2014 15:06:39 +0000
SC certainly isn’t cheap (as a former SC customer that moved over to Tenable I can attest to that) however I can point 
out that the data aggregation, trending, and custom reporting were huge wins in my book.  I guess its a time/money 
trade-off.  How much time do you want to spend either cobbling together a tool or manually aggregating the data when 
there is another tool already out there that can do it out of the box.

I can speak in more detail if you want off-list.

On Aug 4, 2014, at 9:55 AM, Paul Asadoorian <paul () securityweekly com> wrote:


Thanks all for the informative discussion!

I know, I'm jumping in late, some closing thoughts on the subject:

- SecurityCenter has the unique advantage of consolidating plugin
updates, meaning you could have hundred of Nessus scanners deployed in
your organization, and the scanners get the plugin feed from your
SecurityCenter system. The removes the requirement of Internet access
(From the scanners), and greatly eases the administration effort
required to maintain multiple Nessus scanners.

- SecurityCenter gives you way more than just control of your scanners
(Scanning, Sniffing, Logging all in one place to share/delegate,
correlate, trend, dashboard and report)

- I've used RISU before and really like it, and have not yet used
Carlos's Powershell script or Adrien's OSSAMS. Adding to my list of
things to check out :)

- If you are, or have in the past, heavily using the Nessus XMLRPC API,
contact me off list...

Cheers,
Paul

k41zen wrote:

Thanks for all of your help. 

We are in discussions with our Tenable contact about solutions for this
issue. They’ve helped me out by enabling me to move forward to at least
deploy this into a Pre-Production environment but the costs of SC are a
massive stumbling block; hence my question about something else.
Appreciate we have a big Nessus fan base here of which I am a member
too, but just wondered what could be wrapped around it.

I’ll take a look at the suggestions made and if I find something will
let you know.

Thanks again.

On 2 Aug 2014, at 16:01, Moses Hernandez <moses () moses io
<mailto:moses () moses io>> wrote:


RISU is good, I would also check out the following @DigiNinja Tool:

http://digi.ninja/projects/nexcser.php

Nexcser can do take .nessus2 file outputs and combine them into a
single csv. That may help.

I personally don't think that the value of Security Center is that.
One of the new things I've noticed you can do in the Latest Nessus is
you can control different sensors from the UI, but I understand if
your truly air gapped that the functionality is not going to help you,
in that way, Security Center would also not help as it was designed
probably.

Moses
@mosesrenegade
www.moses.io <http://www.moses.io/>




On Sat, Aug 2, 2014 at 7:26 AM, Larry Petty <lspetty () gmail com
<mailto:lspetty () gmail com>> wrote:

   Ken,

   Since these locations do not have Internet connectivity, I assume
   you have point to point circuits between them? Otherwise any
   solution will require you to manually combine your scan data.

   If you do have connectivity between the sites, you can use the new
   Muiti Scanner feature in Nessus. You'll then need something to
   parse the scan data. Since your not using this for one-time
   consulting engagements, you would probably want to dump the data
   into SQL or even Access.

   You could also use Carlos Perez's Nessus PowerShell script to
   parse the data into a .csv file. For the most part, it works well.
    If creative it should provide all the data you need. I did have
   some issues with it and didn't get a response from Carlos when I
   emailed him. However, we ended up creating a little .Net app to
   clean up the data.

   Next, build yourself an Excel spreadsheet template with all of the
   data you want to see. One way to do this is to import all the data
   into a master worksheet. Then create separate worksheets with
   pivot tables that break the data down into "dashboards". You can
   use these worksheets to create charts, display trending, sort and
   filter vulns, and even display remediation reports.

   You could import the data into your Excel template directly from
   Access or from data parsed from the above mentioned PowerShell script.






   On Fri, Aug 1, 2014 at 7:41 PM, Tim Krabec <tkrabec () gmail com
   <mailto:tkrabec () gmail com>> wrote:

       ssh port forwarding?

       Tim Krabec
       tkrabec.com <http://tkrabec.com/>
       Bio <http://timkrabec.brandyourself.com/>



       On Wed, Jul 30, 2014 at 1:03 PM, Kai Zen <k41zen () me com
       <mailto:k41zen () me com>> wrote:

           So I've got 4 separate Nessus scanners on 4 separated
           networks with no connectivity to the internet.

           Does anyone know of an alternative to the reporting,
           trending and filtering capabilities of SecurityCenter?
           Ideally free. The scanner management pieces of
           SecuirtyCenter are of no benefit to me as the scanners are
           separate and the costs are just too high.

           What I'm looking for is something to take the output from
           the scans and correlate that information to give me that
           central view.

           Grateful for any info.

           jcvd
           _______________________________________________
           securityweekly mailing list
           securityweekly () mail securityweekly com
           <mailto:securityweekly () mail securityweekly com>
           http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly
           Main Web Site: http://securityweekly.com
           <http://securityweekly.com/>



       _______________________________________________
       securityweekly mailing list
       securityweekly () mail securityweekly com
       <mailto:securityweekly () mail securityweekly com>
       http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly
       Main Web Site: http://securityweekly.com
       <http://securityweekly.com/>



   _______________________________________________
   securityweekly mailing list
   securityweekly () mail securityweekly com
   <mailto:securityweekly () mail securityweekly com>
   http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly
   Main Web Site: http://securityweekly.com <http://securityweekly.com/>


_______________________________________________
securityweekly mailing list
securityweekly () mail securityweekly com
<mailto:securityweekly () mail securityweekly com>
http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly
Main Web Site: http://securityweekly.com


_______________________________________________
securityweekly mailing list
securityweekly () mail securityweekly com
http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly
Main Web Site: http://securityweekly.com


-- 
Paul Asadoorian
Founder & CEO
Security Weekly / Stogie Geeks
http://securityweekly.com
401.829.9552

_______________________________________________
securityweekly mailing list
securityweekly () mail securityweekly com
http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly
Main Web Site: http://securityweekly.com


_______________________________________________
securityweekly mailing list
securityweekly () mail securityweekly com
http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly
Main Web Site: http://securityweekly.com
Previous By Date Next
Previous By Thread Next

Current thread: