sorry for the multi post.... here is the English site.
http://www.networkinstruments.com/products/observer.html What is the link to Observer? > -----Original Message----- > From: Gerhard Rickert [mailto:[EMAIL PROTECTED] > Sent: Tuesday, March 11, 2003 6:15 PM > To: [EMAIL PROTECTED] > Subject: Re: Justifying the spend on a vulnerability scanner > > > Just a thought in this area...what do you think of Observer. > Is it an overpriced tool? Would it work for what Mr. Berry wants? > ----- Original Message ----- From: "David Gillett" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 12, 2003 4:56 AM Subject: RE: Justifying the spend on a vulnerability scanner > > From: JM <[EMAIL PROTECTED]> > > As the subject says, this is what I have got to do. > > > > I could dream up loads of examples of; > > if we don't detect a code read virus and we get it, then it > > will knock out our webservers and others until we fix it. > > if we have open null shares on the network, and unrestricted > > access to remote registries people can do what they > > want....... > > > > But does anyone have any thoughts to share, on how I can > > successfully convince my management that the spend on a > > vulnerability scanner is worthwhile. > > Vulnerability scanners don't have an inherent ROI of their > own. > > Once you've got commitment to FIX holes before they are > exploited, then you can easily justify a tool or two to FIND > the holes that need fixing. But finding the holes is no help > if nothing will be done about them. > > David Gillett > > > >
