Secure Enterprise mag did a review of 7 different "vulnerability-management suites" (as they called them) in Dec. 2004. Take it for what it's worth, but notice that ISS was not included. Perhaps the review offered by Mr. Schmehl is all you need.
http://www.secureenterprisemag.com/products/showArticle.jhtml?articleID= 54200188 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Schmehl Sent: Thursday, November 10, 2005 4:58 PM To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Vuln scanner software choices --On Thursday, November 10, 2005 12:32:27 -0700 Tblinux <[EMAIL PROTECTED]> wrote: > I know that most if not all of you use or have used Nessus at some point. > I've been following the thread. Now that it appears that Nessus is > seriously ratcheting down support for independent consultants and > corporate / gov't users without a registered and paid for license what > scanning software are you considering? Has anyone done a *complete* > comparison of all of the scanning software out there and made a choice > based on the findings? If so what was it? > There's bound to be a comparison somewhere. All I can tell you, from personal experience, is avoid ISS like the plague it is. Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/ir/security/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ This message contains confidential information intended only for the individual named. If you are not the addressee, do not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this by mistake and delete it from your system. E-mail cannot guarantee secure, error-free transmission as information can be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise because of e-mail transmission. If verification is required, please request a hard-copy version. When working with third parties, e-mail cannot be used in lieu of signed paper documents to represent approvals of, authority for or acknowledgements of company transactions. Any views or opinions presented in this email are solely those of the author and do not necessarily represent those of Pioneer Credit Recovery, Inc. 26 Edward St. Arcade, NY 14009 http://www.pioneer-credit.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
