RE: QualysGuard - VA/PT appliance

• Previous message: Norman Girard: "Re: QualysGuard - VA/PT appliance"
• In reply to: marc bayerkohler: "QualysGuard - VA/PT appliance"
• Next in thread: Gary Nichols: "Re: QualysGuard - VA/PT appliance"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'marc bayerkohler'" <lists.marc@gmail.com>, <pen-test@securityfocus.com>
Date: Wed, 24 Aug 2005 08:30:20 -0400

I had an opportunity to review the product at the InfoSec show in Orlando
City and to be honest; I was not really very impressed. It looks and feels
like another vulnerability scanner. I did find it somewhat amazing that the
person I was talking with at the booth told me that this services makes
Penetration Testing Obsolete. I think he's been reading this marketing
material to much...

The rep at the booth would not tell me what engine runs behind it (Nessus?)
or anything much more technical or very in-depth such as their vulnerability
signatures.. Are they produced by Qualys? Or ????.

But you do get a nice bag to cart it around in ;-)

My opinion is they are targeting this service at SMEs who do not have
in-house skills and really don't understand security ... etc....

Richard Zaluski
CISO, Security and Infrastructure Services
iVOLUTION Technologies Incorporated
905.309.1911
866.601.4678
www.ivolution.ca
rzaluski@ivolution.ca
 

Key fingerprint = DB39 7FC3 1F5D AD94 85DD 78B0 774D 5DE5 B011 BD8C
=======================================================================
CONFIDENTIALITY NOTICE: This email message, including any
attachments, is for the sole use of the intended recipient(s) and may
contain confidential and privileged information. If you are not the
intended recipient, please contact the sender. Any unauthorized review,
use, disclosure, or distribution is prohibited.
=======================================================================
-----Original Message-----
From: marc bayerkohler [mailto:lists.marc@gmail.com]
Sent: Tuesday, August 23, 2005 6:29 PM
To: pen-test@securityfocus.com
Subject: QualysGuard - VA/PT appliance

This sounds just like the FusionVM product from CriticalWatch.

http://www.criticalwatch.com/solutions.html

You install their box, which VPNs home. You schedule the assessments
and read the output through their portal.

The reporting is very flexible, it is via a web application, so you
can give a manager an account so he can view just the results for his
machines, etc.

It is also tied in to a ticketing system you can use for remediating the
issues.

marc bayerkohler

---------- Forwarded message ----------
Date: Tue, 23 Aug 2005 10:49:26 +0530
From: prasanna.mukundan@wipro.com
To: pen-test@securityfocus.com
Subject: QualysGuard - VA/PT appliance

http://www.qualys.com/products/qgcons/

We have are evaluating an appliance by Qualys, called QualysGuard that
purportedly "enables security auditors to scope and perform detailed
vulnerability assessments anytime, anywhere, using nothing more than a
Web browser."

Has anyone used this appliance? If so could you give me your feedback on
the product?

>From what I have seen of it in a couple of days, it seems to initiate a
scan(for s/w vulnerabilities) from the intranet of a network, but sends
the data to the internet/qualys server (and accessed via qualys'
website), which imo while have the regulators and auditors screaming. I
would appreciate if anyone could confirm/correct that.

Thanks,
Prasanna

Confidentiality Notice

The information contained in this electronic message and any
attachments to this message are intended
for the exclusive use of the addressee(s) and may contain confidential
or privileged information. If
you are not the intended recipient, please notify the sender at Wipro
or Mailadmin@wipro.com immediately
and destroy all copies of this message and any attachments.

• Previous message: Norman Girard: "Re: QualysGuard - VA/PT appliance"
• In reply to: marc bayerkohler: "QualysGuard - VA/PT appliance"
• Next in thread: Gary Nichols: "Re: QualysGuard - VA/PT appliance"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: Vulnerability to cache poisoning -- the rest of the solution ... Vulnerability to cache poisoning -- the rest of the solution ... We were only allowing port 53 outside the firewall (confirmed by the ... If you are not the intended recipient, any disclosure, ... (comp.protocols.dns.bind) Request for Information on Exploit Novell eDirectory evtFilteredMonitorEventsRequest() function Buff ... I could not find any working Poc for this particular vulnerability. ... Please help me out with any information about any working exploit for this vulnerability or Poc. ... Novell eDirectory evtFilteredMonitorEventsRequest() function Buffer Overflow vulnerability ... If you are not the intended recipient, please immediately notify the sender by reply email and destroy all copies of the original message. ... (Focus-IDS) Request for Information on Exploit Novell eDirectory evtFilteredMonitorEventsRequest() function Buff ... I could not find any working Poc for this particular vulnerability. ... Please help me out with any information about any working exploit for this vulnerability or Poc. ... Novell eDirectory evtFilteredMonitorEventsRequest() function Buffer Overflow vulnerability ... If you are not the intended recipient, please immediately notify the sender by reply email and destroy all copies of the original message. ... (Pen-Test) [Full-disclosure] Request for Information on Exploit Novell eDirectory evtFilteredMonitorEventsR ... I could not find any working Poc for this particular vulnerability. ... Please help me out with any information about any working exploit for this vulnerability or Poc. ... Novell eDirectory evtFilteredMonitorEventsRequest() function Buffer Overflow vulnerability ... If you are not the intended recipient, please immediately notify the sender by reply email and destroy all copies of the original message. ... (Full-Disclosure)