Re: [Full-Disclosure] Comparison of Network Security Scanners

insecure Fri, 02 Jul 2004 08:26:43 -0700

Not only is the test not indenpendent, it is extremely out of date (more than a year old). Several of the programs in the comparison have had major updates since then, while the "winner" of this comparison has not. This could easily have a significant effect on the outcome of a similar comparison, if done today. Also, cost effectiveness of the product would have to be a major consideration in any real-world comparison, yet is totally overlooked.

These kinds of comparisons are always of questionable value. What is best in one environment may not work at all in another. For most small to medium sized organizations, the costly commercial alternatives would not provide a significant benefit over the low-cost or free systems such as nessus and LanGuard (3.3 is free for scanning unlimited IP's, it only costs if you want software/patch deployment and custom reporting).

Jerry

Alexander wrote:

Hi!

Certainly, this test is not independent. However, methodology of the
tests is completely described, and everyone can check up them. I did not
see any other similar tests comparing various vulnerability scanners.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Re: [Full-Disclosure] Comparison of Network Security Scanners

Reply via email to