At 12:10 PM 8/22/2006, Lee Parkes wrote:

> Hi,
> In the course of our work my colleagues and I use Nessus as the primary
> vulnerability assessment tool. However, in this age of 'risk management' the
> upper management have decided that we should use at least two distinct scanning
> tools. Whilst we use Qualys for remote scans, we can't use it on most on-site
> jobs.
> My question is, is there another scanner, free or payware, that people
> recommend as being of comparable quality to Nessus? The preference is for a
> tool that isn't based on Nessus so that we have two independent scans.
Hi Lee,

Although I firmly respect anyone's wishes to use two scanners, I would consider the following thoughts:

- You are absolutely right to make sure that the second vendor does not base their scans or data off of Nessus. And even if they don't run the "nessus" engine, you should pick the last 10 or so Bugtraq IDs or CVEs and see when the vendor added them. You may or may not be surprised how often new checks in 3rd party scanners get added once they hit the Nessus registered feed.

- Instead of two scanners, I would really argue to use two or more technologies. Assume for a second that two network scanner technologies are roughly equal. What value does adding credentialed patch auditing to the mix bring? When Nessus connects to port 80 and starts doing web analysis, this is a completely different process than when it logs in via a domain or credentials and performs a patch audit.

- If there is a question in the quality of the scans or the accuracy of the results, I would highly recommend that a passive continuous solution like our Passive Vulnerability Scanner be used. Passive network monitoring is real-time and sees everything on the network regardless of port, protocol or client-side firewalls.

Ron Gula, CTO
Tenable Network Security
http://www.nessus.org
http://www.tenablesecurity.com
http://blog.tenablesecurity.com

_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
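Two of the points raised in this exchange can be measured rather than guessed: Ron's suggestion of taking the last ten or so CVEs and checking when a second vendor shipped a check for each (a candidate that consistently trails the reference feed by a few days is a signal, not proof, that it tracks that feed), and Lee's goal of two scans that are actually independent (if both scanners report the same findings on every host, the second one adds little). The Python script below is an added example, not code from either poster or from Tenable; its CVE identifiers, release dates and host addresses are constructed sample data, and the seven-day window is an assumed threshold.

```python
"""Measure feed lag and finding overlap between two vulnerability scanners.

Added example with constructed sample data: the CVE ids, dates and hosts
below are not real plugin release records or real scan results.
"""
from dataclasses import dataclass
from datetime import date
from statistics import median
from typing import Iterable, Optional


@dataclass(frozen=True)
class CheckRelease:
    cve: str
    reference: date            # date the reference feed shipped its check
    candidate: Optional[date]  # date the candidate scanner shipped one; None if never


# Constructed sample: when each scanner added a check for a recent CVE.
SAMPLE_RELEASES = [
    CheckRelease("CVE-2006-0001", date(2006, 8, 1), date(2006, 8, 3)),
    CheckRelease("CVE-2006-0002", date(2006, 8, 2), date(2006, 8, 2)),
    CheckRelease("CVE-2006-0003", date(2006, 8, 4), date(2006, 8, 6)),
    CheckRelease("CVE-2006-0004", date(2006, 8, 5), None),
    CheckRelease("CVE-2006-0005", date(2006, 8, 8), date(2006, 8, 5)),
    CheckRelease("CVE-2006-0006", date(2006, 8, 10), date(2006, 9, 1)),
]


def lag_days(release: CheckRelease) -> Optional[int]:
    """Days the candidate trailed the reference feed (negative = it led)."""
    if release.candidate is None:
        return None
    return (release.candidate - release.reference).days


def feed_lag_report(releases: Iterable[CheckRelease], window_days: int = 7) -> dict:
    """Summarise how the candidate's check dates relate to the reference feed.

    'trailing_ratio' is the share of covered CVEs whose check appeared within
    window_days *after* the reference feed; a high value for many consecutive
    CVEs is the pattern Ron describes and is worth asking the vendor about.
    """
    releases = list(releases)
    lags = [lag_days(r) for r in releases]
    covered = [lag for lag in lags if lag is not None]
    trailing = sum(1 for lag in covered if 0 < lag <= window_days)
    return {
        "checked": len(releases),
        "missing": len(releases) - len(covered),
        "trailing_within_window": trailing,
        "leading_or_same_day": sum(1 for lag in covered if lag <= 0),
        "median_lag_days": median(covered) if covered else None,
        "trailing_ratio": trailing / len(covered) if covered else 0.0,
    }


# Constructed sample scan results as (host, cve) pairs from two scanners.
SCAN_A = {
    ("10.0.0.5", "CVE-2006-0001"),
    ("10.0.0.5", "CVE-2006-0002"),
    ("10.0.0.7", "CVE-2006-0003"),
}
SCAN_B = {
    ("10.0.0.5", "CVE-2006-0001"),
    ("10.0.0.7", "CVE-2006-0003"),
    ("10.0.0.7", "CVE-2006-0005"),
}


def scan_overlap(findings_a: Iterable[tuple], findings_b: Iterable[tuple]) -> dict:
    """Compare two scans' (host, cve) findings.

    Findings unique to one scanner are the reason to run two; a Jaccard index
    near 1.0 means the second scanner mostly confirms the first rather than
    extending it.
    """
    a, b = set(findings_a), set(findings_b)
    both, union = a & b, a | b
    return {
        "only_a": len(a - b),
        "only_b": len(b - a),
        "both": len(both),
        "jaccard": len(both) / len(union) if union else 1.0,
    }


if __name__ == "__main__":
    print(feed_lag_report(SAMPLE_RELEASES))
    print(scan_overlap(SCAN_A, SCAN_B))
```

Feeding the script real data means recording, for each CVE, the release date of the reference scanner's check and the candidate's, which most vendors publish in their plugin or signature changelogs; the overlap check only needs the two scans exported as host/CVE pairs.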
