Reported vulnerability count is not a useful measurement for comparing two vulnerability scanners.
One vulnerability scanner may report all missing patches, including ones that are superseded by others in the same report, while another does not. For instance, OpenVAS is far more useful to me than Nessus due to the architecture of the scanner, and of course being open source is great. All the patch scanners out there will help you begin regularly auditing and patching your networks. > On Oct 20, 2015, at 8:51 PM, Diego Gomes <[email protected]> wrote: > > Hi guys! > > We have here Nessus Professional! > > I identified some different results while comparing... > > For example, I noticed that OpenVAS found more vuls than Nessus. (ok, not > sure if false-positive or mismatch plugin, configuration, etc...) > > But, what I mean is.... > > Should be OpenVAS more efficient than Nessus? Should I trust in one and not > in other? > > Of course, we always need to use 2 different tools for analysis, but my > questions is very interesting and I would like to check your opinions about > it! > > Thanks, > > Diego > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
