I'd just double check and make sure you understand the licensing options for Nexpose. There are some very affordable ones that don't' require buying big hardware and are optimized to run on notebook PCs.
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Zate Berg Sent: Tuesday, January 18, 2011 10:29 AM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] Small/Medium Business Scanner I'd vote for Nessus in your situation too. Possibly combine it with something like Seccubus (V2 is due out soon). Zate On Tue, Jan 18, 2011 at 10:00 AM, Dark Harper <[email protected]> wrote: > Hi all, > > This ones probably been around and around a dozen times but I'm after > some advice/recommendations on a vulnerability scanner for a small to > medium sized business. > > My short list is now down to two - Nessus or NeXpose. > > Our environment is spread across three sites, around 50 nodes in each. > The sites are not permanently linked. One of those sites is PCI DSS > compliant. > I've been using OpenVAS but am not a fan. Access to remote scanners > is via SSH tunnels/small links. > > Cost is definitely a consideration as budget is tight this year. I'm > leaning towards Nessus as it is miles cheaper than NeXpose and > requires much lower spec hardware from what I can tell. Recent > Metasploit plugin is also a plus. Can anyone say why I would put up the extra > cash for NeXpose? > > -Dark > > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com ****************************************************************************** This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than the named recipient of this email, and is to be used only for the intended purpose of this communication. ****************************************************************************** _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
