The main public reviews I am aware of are:

http://www.networkcomputing.com/1201/1201f1b1.html
This is quite old now. Mind you, that means ISS did not get reviewed for its abysmal update process from V6 to V7 (see my notes in the ISS mailing list).

http://www.nwfusion.com/reviews/2002/0204bgtoc.html
Favours Retina.

http://infosecuritymag.techtarget.com/2003/jan/cover.shtml
Web app scanner reviews. Does not include Nessus.

http://infosecuritymag.techtarget.com/2003/mar/cover.shtml
Favours ISS, but see the Nessus mailing list thread:
http://list.nessus.org/nessus/0303/5074.html

But I guess the best and most honest comparison is to scan some of your systems and show what vulnerabilities are missed by each scanner. I'd expect Nessus to do very well. I'd love to see a fair comparison of scanners and what they detect. For example, the Jan 2003 app scanner review did not include Nessus, ISS or a similar scanner, which certainly would have detected many of the listed vulnerabilities.

As for migrating the tests, I think I'd tackle it from first principles, and ask why you have a complex ISS policy at all. You can go a long way with a "try everything 'cos the black hats will" policy, perhaps in conjunction with "all but DoS tests" for production systems.

Andrew Yeomans

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of David Kyle Sayre
Sent: 23 December 2003 21:34
To: [EMAIL PROTECTED]
Subject: ISS vs. Nessus

Hello all,

We have been using ISS Internet Scanner and Nessus (among other tools), and we would like to start combining and, where appropriate, moving tests from Internet Scanner to Nessus. We have a large Internet Scanner policy, and instead of going through it by hand, I was wondering if anyone had a good correlation of Internet Scanner and Nessus reports? I tried using the CVEs, but that only gets us so far; we still have over 300 tests to try and correlate, and the CVEs do not map to X-Force numbers (and Internet Scanner tests) very well.

Also, I was looking for a good vulnerability scanner comparison to show to manager types. Most of our managers are for the move to Nessus, but some are still reluctant, and I would like to put as many nails in ISS's coffin as possible.
Thanks,
David Sayre
Los Alamos National Labs

_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
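The CVE-based correlation described in the quoted message, as an added example that is not part of the original thread or either product's tooling: it joins two check catalogues on CVE references and separates out the checks that still need correlating by hand. The catalogue layout, check names, plugin IDs and CVE numbers are constructed placeholders.

```python
import re
from collections import defaultdict

# Constructed sample catalogues; names, IDs and CVE numbers are placeholders,
# not real ISS checks, Nessus plugins or CVE entries.
ISS_CHECKS = [
    {"name": "ExampleCheckA", "refs": ["CAN-0000-0001"]},
    {"name": "ExampleCheckB", "refs": ["cve-0000-0002"]},
    {"name": "ExampleCheckC", "refs": []},                 # no CVE reference at all
    {"name": "ExampleCheckD", "refs": ["CVE-0000-0009"]},  # CVE the other tool lacks
]
NESSUS_PLUGINS = [
    {"id": 90001, "refs": ["CVE-0000-0001"]},
    {"id": 90002, "refs": ["CVE-0000-0002", "CAN-0000-0003"]},
    {"id": 90003, "refs": ["CVE-0000-0002"]},
]

# CVE candidates carried a CAN- prefix at the time of this thread, so the same
# entry can appear as CAN-... in one catalogue and CVE-... in the other.
_REF = re.compile(r"^(?:CVE|CAN)-(\d{4})-(\d{4,})$", re.IGNORECASE)

def normalize(ref):
    """Fold CAN-/CVE- prefixes and case into one key; None if malformed."""
    m = _REF.match(ref.strip())
    return f"CVE-{m.group(1)}-{m.group(2)}" if m else None

def correlate(iss_checks, nessus_plugins):
    """Return (matched, cve_but_no_plugin, no_cve) for the ISS checks."""
    by_cve = defaultdict(set)
    for plugin in nessus_plugins:
        for ref in plugin["refs"]:
            key = normalize(ref)
            if key:
                by_cve[key].add(plugin["id"])
    matched, no_plugin, no_cve = {}, [], []
    for check in iss_checks:
        keys = [k for k in map(normalize, check["refs"]) if k]
        if not keys:
            no_cve.append(check["name"])       # must be correlated by hand
            continue
        plugins = set().union(*(by_cve.get(k, set()) for k in keys))
        if plugins:
            matched[check["name"]] = sorted(plugins)
        else:
            no_plugin.append(check["name"])    # coverage gap or missing reference
    return matched, no_plugin, no_cve

if __name__ == "__main__":
    matched, no_plugin, no_cve = correlate(ISS_CHECKS, NESSUS_PLUGINS)
    print("matched:", matched)
    print("CVE present, no plugin:", no_plugin)
    print("no CVE, correlate by hand:", no_cve)
```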
