RE: Why eEye Retina (was MBSA scanner)

From: Román Ramírez (rramirez_at_chasethesun.es)
Date: 04/21/04

  • Next message: Chris Hurley: "RE: Why eEye Retina (was MBSA scanner)" 
    To: <pen-test@securityfocus.com>
Date: Wed, 21 Apr 2004 11:31:14 +0200

    Hello,

    About Retina I must say that is one of the best audit tools I have
    used...

    False positives are AND WILL BE in the market and in every security
    tool, and Languard is not the best example about not-having false
    positives (in my experiencie every network device I test has SNMP public
    community as GFI shows :) )

    I don't know if you are a final customer or a consultant, but one of the
    auditor's tasks is to verify vulnerabilities and remove false positives
    (and try to get more info about false negatives).

    I know a lot about Netrecon, about the (deceased) cybercop, nessus and
    newt, sara, saint, and for my experience I will take Retina and Nessus
    without any doubt, efficience and productivity.

    About your comments about the company, well, they are one of the best
    security companies (for my experience @stake, eeye, bindview) and they
    have a BIG customer support department, and of course, check if Nessus
    has the same "customer support" (mailing lists that of course you can
    find in eEye Web site too).

    I have a deep experience with eEye in big projects and I know some
    customers that are very happy with their tools (my own company in top of
    the list).

    Hope this helps 

    --
Roman Ramirez
Director General
Chase The Sun
+34 609 490 156
mailto:rramirez@chasethesun.es
http://www.chasethesun.es 
> -----Mensaje original-----
> De: clarke-cummings@columbus.rr.com 
> [mailto:clarke-cummings@columbus.rr.com] 
> Enviado el: martes, 20 de abril de 2004 16:37
> Para: pen-test@securityfocus.com
> Asunto: Why eEye Retina (was MBSA scanner)
> 
> 
> Hello Everyone,
> 
> We recently began evaluating eEye's Retina product for our 
> vulnerability assessment tool.  We have found the results to 
> be very inconsistent, showing us vulnerable to issues that 
> have been patched.  We've verified the patches manually, with 
> MBSA, HFNETCHK, and LanGuard.  eEye didn't have a good answer 
> as to why the results were so inconsistent.  Any guesses?
> 
> Also, how is their support response for those that are 
> customers?  As a trial customer they aren't a very impressive 
> organization.
> 
> Thanks in advance for the help.
> 
> Cheers,
> Clarke
> 
> --------------------------------------------------------------------
> mail2web - Check your email from the web at http://mail2web.com/ .
> 
> 
> 
> --------------------------------------------------------------
> ----------------
> Ethical Hacking at the InfoSec Institute. Mention this ad and 
> get $545 off any course! All of our class sizes are 
> guaranteed to be 10 students or less to facilitate one-on-one 
> interaction with one of our expert instructors. Attend a 
> course taught by an expert instructor with years of 
> in-the-field pen testing experience in our state of the art 
> hacking lab. Master the skills of an Ethical Hacker to better 
> assess the security of your organization. Visit us at: 
> http://www.infosecinstitute.com/courses/ethical>
_hacking_training.html
> --------------------------------------------------------------
> -----------------
> 
> 
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------
  • Next message: Chris Hurley: "RE: Why eEye Retina (was MBSA scanner)"