Penetration Testing mailing list archives
RE: Vulnerability - Tracking and Remediation
From: "Kevin Reiter" <KReiter () insidefsi net>
Date: Wed, 18 Apr 2007 09:52:51 -0400
Glad to help. There's a lot of documentation available that tells you how to customize the majority of the app (custom fields, etc.), but there's so much of it I haven't even attempted it yet ;) -----Original Message----- From: xelerated [mailto:xelerated () gmail com] Sent: Wednesday, April 18, 2007 7:46 AM To: Kevin Reiter; pen-test () securityfocus com Subject: Re: Vulnerability - Tracking and Remediation Thanks for the mantis ref, that looks like it just might fit the bill. Thanks! On 4/17/07, Kevin Reiter < KReiter () insidefsi net> wrote: I've been using Mantis (which is actually a software bug-tracking system) to track all the security issues, and it's been working out very well. URL is http://www.mantisbugtracker.com/ On 4/13/07, xelerated <xelerated () gmail com> wrote:
I have a question for the pen test community. Does anyone have a free (OSS or other) way to take your vuln scan data (nessus in this case) and do tracking and remediation? As it sits now, I scan at work atleast 300 machines a month, and my monthly list is growing, and will soon include subnets as well. I used to take the pipe delimited format and run it through excel and work with it from there. and that worked fine back when I was only scanning 200 a month max but its become extremely cumbersome. Also, if there is no such good tool out there, im no coder, but if others out there would like to work on such a project id like to do that too. Thanks!
Kevin Reiter Senior Security Engineer Financial Services, Inc. 21 Harristown Road Glen Rock, New Jersey 07452 (201)652-6000, ext. 588 PGP ID: 0xEE665233 This message may contain confidential or proprietary information and is intended solely for the individual(s) to whom it is addressed. If you are not a named addressee you should not disseminate, distribute or copy this e-mail or act upon the information contained herein. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Vulnerability - Tracking and Remediation xelerated (Apr 13)
- Re: Vulnerability - Tracking and Remediation Francois Yang (Apr 16)
- RE: Vulnerability - Tracking and Remediation Kevin Reiter (Apr 17)
- <Possible follow-ups>
- RE: Vulnerability - Tracking and Remediation Kevin Reiter (Apr 18)
- Re: Vulnerability - Tracking and Remediation Francois Yang (Apr 16)