Penetration Testing mailing list archives

Re: QualysGuard - VA/PT appliance

From: Julio Uricari <uricari () gmail com>
Date: Wed, 24 Aug 2005 15:26:08 -0300

a time ago I saw and analyse Qualys  and in my opinion it has too many
false possitives, for instance some patches that seems to be missing ,
but when you  go to check the server thay era already installed., but
its just a subjective opinion.
Sorry for my english.

LIUX

On 8/24/05, Stefano Zanero <s.zanero () securenetwork it> wrote:

The products from the Italian company e-Maze do just the same:
http://www.emaze.net/English/products/index.htm

I agree with your concerns regarding the transmission of such sensitive
data to an outsourcer, in particular for entities with strict auditing
regulations.

In addition, I find (as always) that calling a simple automated scan a
"Vulnerability assessment", "Risk assessment" or even a "Penetration
test" (sigh) is an offense for anybody who professionally engages in
these activities.

Best,
Stefano Zanero
---------------------------
Secure Network S.r.l.
www.securenetwork.it

Current thread:

QualysGuard - VA/PT appliance prasanna.mukundan (Aug 23)
- AW: QualysGuard - VA/PT appliance Engelke, Stephan (Aug 24)
- <Possible follow-ups>
- RE: QualysGuard - VA/PT appliance Gonenc, Ozan (Aug 23)
  - Re: QualysGuard - VA/PT appliance David Dischler (Aug 23)
    - Re: QualysGuard - VA/PT appliance Norman Girard (Aug 24)
- QualysGuard - VA/PT appliance marc bayerkohler (Aug 23)
  - RE: QualysGuard - VA/PT appliance Richard Zaluski (Aug 24)
  - Re: QualysGuard - VA/PT appliance NewYork User (Aug 24)
  - Re: QualysGuard - VA/PT appliance Stefano Zanero (Aug 24)
    - Re: QualysGuard - VA/PT appliance Julio Uricari (Aug 24)
- Re: QualysGuard - VA/PT appliance Gary Nichols (Aug 24)
- Re: Re: QualysGuard - VA/PT appliance tervanp (Aug 24)
- RE: QualysGuard - VA/PT appliance prasanna.mukundan (Aug 26)