assessment
Review: eEye REM Security Manager
We found the combination of the REM Security Manager and the Retina Scanner to be easy to use and deploy. In fact, ease of use is this product’s hallmark. The user interface is similar to MS Windows Explorer and is among the most intuitive we’ve seen.
Apr 10 2007 12:00AM
Security
Review: ISS Proventia Network
The ISS Proventia Network Enterprise Scanner is part of a larger security management system and, as such, shows its best performance as part of that suite. We tested the product outside of the Proventia suite and we do not recommend this approach. The network scanner requires, at minimum, MS SQLServer and ISS Site Protector to support it. If all you need is a vulnerability scanner, this is not your best bet.
Feb 5 2007 12:00AM
Security
Review: Saint Scanner + Exploit
We have been watching Saint a long time. Saint, as many old-timers may recall, began life as an open source version of Satan, one of the first serious open source vulnerability scanners. Eventually the tool was commercialised and it has maintained many of its open source roots.
Feb 5 2007 12:00AM
Security
Review: Passive Vulnerability Scanner
The Tenable Passive Vulnerability Scanner (PVS) is a most interesting product. It is truly passive in that it does not perform active scans of any kind. It is, simply, a very smart sniffer. The product depends for its usefulness on the way that it collects and reports vulnerability data. Since the PVS is always listening, it constantly collects information from the normal data flows on the network. This is superior to active scanners in two important ways.
Jan 29 2007 12:00AM
Security
Review: Auditor Enterprise
NetClarity’s Auditor is a fine example of a fully featured appliance that offers not just vulnerability assessment, but also ties results to compliance and ongoing information systems audit programs. Beginning from the superb documentation and ending with the high value for the money, this product shines.
Feb 1 2006 12:00AM
Security
Review: AZScan
AZScan has a way to go to become a world-class vulnerability assessment tool – the product is not intuitive. First, one needs to know quite a bit about the product being audited. Second, there is no online help or tool tips. Third, the menu choices don’t always behave as expected. Set-up seems easy at first, but details often don’t work.
Feb 1 2006 12:00AM
Security
Review: BindView Control Compliance Suite
The BindView Compliance Control Suite includes bv-Control for Windows, bv-Control for Internet Security and Compliance Center. This is a very complex suite of products and is part of a complete compliance and assessment toolkit that offers virtually every view necessary of the security compliance status of an enterprise. This very strength makes configuration and use of the product difficult at first.
Feb 1 2006 12:00AM
Security
Review: Core Impact
Core Impact is different in that while it performs vulnerability assessment, it is primarily a penetration testing tool. It behaves like a hacker, performing vulnerability and port scans then attempting to penetrate the target using the vulnerabilities it finds. There are real benefits to this approach.
Feb 1 2006 12:00AM
Security
Review: GFI LANGuard Network Security Scanner
This is a straightforward vulnerability scanner that also manages patch deployment. It can push patches and service packs out to target computers by means of a patch agent installed on the target. We found it generally competent and straightforward to install on our Windows 2000 notebook.
Feb 1 2006 12:00AM
Security
