We use Nessus for most of the Vulnerability assessments that we perform (unless a customer desires otherwise) and have decided the one feature that is a drawback for "Nessus vs. ISS" or any other commercially available vulnerability scanner is the lack of quality from generated reports. With an ISS scan, the reports are generated in such a way that very little modification is required to submit as a deliverable, but with Nessus scan outputs, we usually have to index the worst of the worst, make our own document, and bundle that with the report itself. Nessus is definitely ahead of the curve with respect to the technical aspects of the challenge (determine vulnerabilities quickly and accurately), but as I've found with lots of other Open Source solutions, the back-end that is presented to a customer is lacking.
Cheers, Ben ------ Ben Vaughn Security Analyst Blackbird Technologies 703-796-1438 W / 703-868-5258 C [EMAIL PROTECTED] ------ -----Original Message----- From: Maria Magnusson [mailto:[EMAIL PROTECTED]] Sent: Friday, June 14, 2002 8:38 AM To: [EMAIL PROTECTED] Subject: Report generator? Hi, I am looking for a better interface to generate reports from Nessus. Would like to select certain types of vulnerabilities etc. Am tired of manually editing the output files. Any hints where to find such an interface or do I have to write it myself? :) --Maria
BEGIN:VCARD VERSION:2.1 N:Vaughn;Ben FN:Ben Vaughn TEL;WORK;VOICE:703.796.1438 TEL;HOME;VOICE:703.205.9719 TEL;CELL;VOICE:703.868.5258 ADR;WORK:;217-C LABEL;WORK:217-C EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:20020607T194757Z END:VCARD
smime.p7s
Description: application/pkcs7-signature
