PaulDotCom mailing list archives
Re: [Security Weekly] SecurityCenter alternative
From: Steven McGrath <smcgrath () tenable com>
Date: Mon, 4 Aug 2014 15:06:39 +0000
SC certainly isn’t cheap (as a former SC customer that moved over to Tenable I can attest to that) however I can point out that the data aggregation, trending, and custom reporting were huge wins in my book. I guess its a time/money trade-off. How much time do you want to spend either cobbling together a tool or manually aggregating the data when there is another tool already out there that can do it out of the box. I can speak in more detail if you want off-list. On Aug 4, 2014, at 9:55 AM, Paul Asadoorian <paul () securityweekly com> wrote:
Thanks all for the informative discussion! I know, I'm jumping in late, some closing thoughts on the subject: - SecurityCenter has the unique advantage of consolidating plugin updates, meaning you could have hundred of Nessus scanners deployed in your organization, and the scanners get the plugin feed from your SecurityCenter system. The removes the requirement of Internet access (From the scanners), and greatly eases the administration effort required to maintain multiple Nessus scanners. - SecurityCenter gives you way more than just control of your scanners (Scanning, Sniffing, Logging all in one place to share/delegate, correlate, trend, dashboard and report) - I've used RISU before and really like it, and have not yet used Carlos's Powershell script or Adrien's OSSAMS. Adding to my list of things to check out :) - If you are, or have in the past, heavily using the Nessus XMLRPC API, contact me off list... Cheers, Paul k41zen wrote:Thanks for all of your help. We are in discussions with our Tenable contact about solutions for this issue. They’ve helped me out by enabling me to move forward to at least deploy this into a Pre-Production environment but the costs of SC are a massive stumbling block; hence my question about something else. Appreciate we have a big Nessus fan base here of which I am a member too, but just wondered what could be wrapped around it. I’ll take a look at the suggestions made and if I find something will let you know. Thanks again. On 2 Aug 2014, at 16:01, Moses Hernandez <moses () moses io <mailto:moses () moses io>> wrote:RISU is good, I would also check out the following @DigiNinja Tool: http://digi.ninja/projects/nexcser.php Nexcser can do take .nessus2 file outputs and combine them into a single csv. That may help. I personally don't think that the value of Security Center is that. One of the new things I've noticed you can do in the Latest Nessus is you can control different sensors from the UI, but I understand if your truly air gapped that the functionality is not going to help you, in that way, Security Center would also not help as it was designed probably. Moses @mosesrenegade www.moses.io <http://www.moses.io/> On Sat, Aug 2, 2014 at 7:26 AM, Larry Petty <lspetty () gmail com <mailto:lspetty () gmail com>> wrote: Ken, Since these locations do not have Internet connectivity, I assume you have point to point circuits between them? Otherwise any solution will require you to manually combine your scan data. If you do have connectivity between the sites, you can use the new Muiti Scanner feature in Nessus. You'll then need something to parse the scan data. Since your not using this for one-time consulting engagements, you would probably want to dump the data into SQL or even Access. You could also use Carlos Perez's Nessus PowerShell script to parse the data into a .csv file. For the most part, it works well. If creative it should provide all the data you need. I did have some issues with it and didn't get a response from Carlos when I emailed him. However, we ended up creating a little .Net app to clean up the data. Next, build yourself an Excel spreadsheet template with all of the data you want to see. One way to do this is to import all the data into a master worksheet. Then create separate worksheets with pivot tables that break the data down into "dashboards". You can use these worksheets to create charts, display trending, sort and filter vulns, and even display remediation reports. You could import the data into your Excel template directly from Access or from data parsed from the above mentioned PowerShell script. On Fri, Aug 1, 2014 at 7:41 PM, Tim Krabec <tkrabec () gmail com <mailto:tkrabec () gmail com>> wrote: ssh port forwarding? Tim Krabec tkrabec.com <http://tkrabec.com/> Bio <http://timkrabec.brandyourself.com/> On Wed, Jul 30, 2014 at 1:03 PM, Kai Zen <k41zen () me com <mailto:k41zen () me com>> wrote: So I've got 4 separate Nessus scanners on 4 separated networks with no connectivity to the internet. Does anyone know of an alternative to the reporting, trending and filtering capabilities of SecurityCenter? Ideally free. The scanner management pieces of SecuirtyCenter are of no benefit to me as the scanners are separate and the costs are just too high. What I'm looking for is something to take the output from the scans and correlate that information to give me that central view. Grateful for any info. jcvd _______________________________________________ securityweekly mailing list securityweekly () mail securityweekly com <mailto:securityweekly () mail securityweekly com> http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly Main Web Site: http://securityweekly.com <http://securityweekly.com/> _______________________________________________ securityweekly mailing list securityweekly () mail securityweekly com <mailto:securityweekly () mail securityweekly com> http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly Main Web Site: http://securityweekly.com <http://securityweekly.com/> _______________________________________________ securityweekly mailing list securityweekly () mail securityweekly com <mailto:securityweekly () mail securityweekly com> http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly Main Web Site: http://securityweekly.com <http://securityweekly.com/> _______________________________________________ securityweekly mailing list securityweekly () mail securityweekly com <mailto:securityweekly () mail securityweekly com> http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly Main Web Site: http://securityweekly.com_______________________________________________ securityweekly mailing list securityweekly () mail securityweekly com http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly Main Web Site: http://securityweekly.com-- Paul Asadoorian Founder & CEO Security Weekly / Stogie Geeks http://securityweekly.com 401.829.9552 _______________________________________________ securityweekly mailing list securityweekly () mail securityweekly com http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly Main Web Site: http://securityweekly.com
_______________________________________________ securityweekly mailing list securityweekly () mail securityweekly com http://mail.securityweekly.com/cgi-bin/mailman/listinfo/securityweekly Main Web Site: http://securityweekly.com
Current thread:
- Re: [Security Weekly] SecurityCenter alternative, (continued)
- Re: [Security Weekly] SecurityCenter alternative Frank McClain (Aug 01)
- Re: [Security Weekly] SecurityCenter alternative Jason Wood (Aug 01)
- Re: [Security Weekly] SecurityCenter alternative Tim Krabec (Aug 01)
- Re: [Security Weekly] SecurityCenter alternative Larry Petty (Aug 02)
- Re: [Security Weekly] SecurityCenter alternative Carlos Perez (Aug 03)
- Re: [Security Weekly] SecurityCenter alternative Larry Petty (Aug 03)
- Re: [Security Weekly] SecurityCenter alternative Moses Hernandez (Aug 03)
- Re: [Security Weekly] SecurityCenter alternative Adrien de Beaupre (Aug 04)
- Re: [Security Weekly] SecurityCenter alternative k41zen (Aug 04)
- Re: [Security Weekly] SecurityCenter alternative Paul Asadoorian (Aug 04)
- Re: [Security Weekly] SecurityCenter alternative Steven McGrath (Aug 04)
- Re: [Security Weekly] SecurityCenter alternative Larry Petty (Aug 02)