I have the list of the Q1 Labs QRadar supported devices, and I see a few companies I have already been in contact with. The suggestion about bundling I did not know about, and will pass that along. However, I may be mistaken but global may already have that plan locked up. Even if it is just an FYI for me, that's good information to have THANK YOU!
- Robert (arch3angel) On Tue, Dec 11, 2012 at 12:26 PM, Ryker Exum <[email protected] > wrote: > QRadar takes in quite a few vuln scanners as well as pulls in from > several kinds of UTM devices (which may include vuln scanners)**** > > ** ** > > Here is a list to look through: > http://q1labs.com/products/supported-devices.aspx**** > > ** ** > > Depending on how you are managing your endpoints and budget you can > potentially bundle Qradar and Tivoli Endpoint Manager. This will let you > scan and patch to save some time. It will take in data from other scanners > as well like nessus.**** > > > http://support.bigfix.com/product/documents/Tivoli_Endpoint_Manager_Administrators_Guide_81.pdf > **** > > ** ** > > ** ** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Albert R. Campa > *Sent:* Tuesday, December 11, 2012 8:51 AM > *To:* [email protected]; PaulDotCom Security Weekly Mailing List > *Subject:* Re: [Pauldotcom] Best ROI Combination - Metasploit & Training** > ** > > ** ** > > stand alone Nessus does integrate with Qradar. > > I really like Nessus as a scanner and also as you say, using audit files. > > SANS training like 560 or 542 are both good, offsec training is great as > well. > > im interested to know why you dont like Nessus as a vulnerability scanner? > **** > > ** ** > > On Mon, Dec 10, 2012 at 6:37 PM, Arch Angel <[email protected]> wrote:* > *** > > I would like to thank everyone for the advice and suggestions, it is truly > appreciated and welcomed! > > I cannot go into detail as to the company or the status but I can say that > in my region we are looking to build a ground up program and are under > Visa, MasterCard, Discover, and ISO guidelines / requirements. We > currently have Nessus, which till I walked in had not even been installed. > As a matter of fact I asked which machine it was on, the reply was "Well > we couldn't get it licensed because it would have required a firewall > change and that's a hassle so we just never installed it". Needless to say > it is installed and I'm working through the trials and tribulations of red > tape to get it to do more for us than host discovery. That being said I > absolutely love Nessus but not as a vulnerability scanner. I like it > automating configuration checks, custom audit files, checking Active > Directory items, etc.. I prefer NexPose for vulnerability and NexPose > seamlessly integrates with Q1 Labs, QRadar SIEM, which I am not sure Nessus > does. QRadar is coming down the pipe from corporate before too long. > > I also prefer to invest in good people rather than tools which, as mention > above, have a tendency to sit in the virtual bookshelf collecting virtual > dust if the people don't know how to use them. This may end up being > answered based on $$$ over the 2013 calendar year. Unfortunately I was not > part of the 2013 budget plans, so it may end up being nothing till 2014 :-( > > For example, I am in the process of building a wireless auditing program > based on Kismet, and off the shelf hardware. This is actually working > quite well so far during testing! > > -- > > Thank you, > > Robert Miller > http://www.armoredpackets.com > > Twitter: @arch3angel**** > > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com**** > > ** ** >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
