assessment

Review: eEye REM Security Manager

Review: eEye REM Security Manager

We found the combination of the REM Security Manager and the Retina Scanner to be easy to use and deploy. In fact, ease of use is this product’s hallmark. The user interface is similar to MS Windows Explorer and is among the most intuitive we’ve seen.
Peter Stephenson,CeRNS, Apr 10 2007 12:00AM Security
Review: Tenable Nessus 3

Review: Tenable Nessus 3

Nessus is one of the granddaddies of vulnerability scanners. Today, Nessus is not only a powerful open source product in its own right, it is the basis for some of the most powerful commercial vulnerability scanners available.
Peter Stephenson,CeRNS, Feb 5 2007 12:00AM Security
Review: ISS Proventia Network

Review: ISS Proventia Network

The ISS Proventia Network Enterprise Scanner is part of a larger security management system and, as such, shows its best performance as part of that suite. We tested the product outside of the Proventia suite and we do not recommend this approach. The network scanner requires, at minimum, MS SQLServer and ISS Site Protector to support it. If all you need is a vulnerability scanner, this is not your best bet.
Peter Stephenson,CeRNS, Feb 5 2007 12:00AM Security
Review: Saint Scanner + Exploit

Review: Saint Scanner + Exploit

We have been watching Saint a long time. Saint, as many old-timers may recall, began life as an open source version of Satan, one of the first serious open source vulnerability scanners. Eventually the tool was commercialised and it has maintained many of its open source roots.
Peter Stephenson,CeRNS, Feb 5 2007 12:00AM Security
Review: Passive Vulnerability Scanner

Review: Passive Vulnerability Scanner

The Tenable Passive Vulnerability Scanner (PVS) is a most interesting product. It is truly passive in that it does not perform active scans of any kind. It is, simply, a very smart sniffer. The product depends for its usefulness on the way that it collects and reports vulnerability data. Since the PVS is always listening, it constantly collects information from the normal data flows on the network. This is superior to active scanners in two important ways.
Peter Stephenson,CeRNS, Jan 29 2007 12:00AM Security
Chance assessment

Chance assessment

It’s time to get real when measuring risk against acceptable loss. Business needs a more intelligent approach, says Gary Flood
Gary Flood May 2 2006 3:10PM Security
Best Vulnerability Assessment

Best Vulnerability Assessment

Overall Category Winner and Winner for Best Patch Management: Shavlik HFNetChkPro 5.1, Shavlik Technologies, LLC
Staff Writers Mar 13 2006 7:09PM Security
Review: Auditor Enterprise

Review: Auditor Enterprise

NetClarity’s Auditor is a fine example of a fully featured appliance that offers not just vulnerability assessment, but also ties results to compliance and ongoing information systems audit programs. Beginning from the superb documentation and ending with the high value for the money, this product shines.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: AZScan

Review: AZScan

AZScan has a way to go to become a world-class vulnerability assessment tool – the product is not intuitive. First, one needs to know quite a bit about the product being audited. Second, there is no online help or tool tips. Third, the menu choices don’t always behave as expected. Set-up seems easy at first, but details often don’t work.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: BindView Control Compliance Suite

Review: BindView Control Compliance Suite

The BindView Compliance Control Suite includes bv-Control for Windows, bv-Control for Internet Security and Compliance Center. This is a very complex suite of products and is part of a complete compliance and assessment toolkit that offers virtually every view necessary of the security compliance status of an enterprise. This very strength makes configuration and use of the product difficult at first.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: Core Impact

Review: Core Impact

Core Impact is different in that while it performs vulnerability assessment, it is primarily a penetration testing tool. It behaves like a hacker, performing vulnerability and port scans then attempting to penetrate the target using the vulnerabilities it finds. There are real benefits to this approach.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: GFI LANGuard Network Security Scanner

Review: GFI LANGuard Network Security Scanner

This is a straightforward vulnerability scanner that also manages patch deployment. It can push patches and service packs out to target computers by means of a patch agent installed on the target. We found it generally competent and straightforward to install on our Windows 2000 notebook.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: Nessus/NeWT

Review: Nessus/NeWT

Nessus has been a mainstay of vulnerability scanning since the Nessus Project was started by Renaud Deraison in 1998. The Nessus website claims that over 75,000 organizations worldwide use the program.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: NeXpose

Review: NeXpose

As an appliance, NeXpose fits into our category of fully featured products, but it is also available as software only. Uniquely, Rapid 7 also offers a managed service for organizations with limited resources.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Review: SAINT Scanner

Review: SAINT Scanner

Saint is a venerable product with its roots in the earliest days of automated vulnerability assessment. It has been dressed up in a new suit of clothes since becoming a commercial product, but retains its strong Unix roots.
Peter Stephenson,CeRNS, Feb 1 2006 12:00AM Security
Automated Vulnerability Assessment: How to Underpin Your Security Investment

Automated Vulnerability Assessment: How to Underpin Your Security Investment

Many organizations are now relying upon the vital support that vulnerability assessment can offer as the fourth pillar of security.
Amer Deeba Jan 12 2004 2:10PM Security
Has There Ever Been a Better Time to Talk Up Vulnerability Assessment?

Has There Ever Been a Better Time to Talk Up Vulnerability Assessment?

We often hear of prevention being better than cure.
Richard Walters Jan 12 2004 12:45PM Security
A Balanced Approach to Performing a Security Assessment

A Balanced Approach to Performing a Security Assessment

Fundamentally, there exist just two basic approaches to performing security assessments: vulnerability priority and asset priority.
Adam Lipson Jan 9 2004 4:38PM Security

Log In

  |  Forgot your password?