Re: Qualys



There are some products that advertise they have the ability to scan Class "A" networks but why not break up the Class "A" network into various parts, in order for the scan to run efficiently and not cause "door rattling" within an organization's security department.

-----Original Message-----
From: "David M. Zendzian" <dmz@xxxxxxxx>
Sent: Feb 8, 2006 1:05 AM
To: US Infosec <usinfosec@xxxxxxxxx>
Cc: pen-test@xxxxxxxxxxxxxxxxx
Subject: Re: Qualys

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

And just for the lists knowledge, what products did you find that could
deliver on a class A assessment?

BTW, I know of several national and multi-national financial
institutions that depend on n-circle, doing both regular sweeps around
their network as well as tying into their dhcp servers to scan hosts as
they "go-live".

dmz

US Infosec wrote:

nCircle came to do a demonstration for my team once. I work in an
enviornment that has a full routable class A. I asked the technical
guy there if they had ever deployed their appliances in a Class A
enviornment and he said sure we have supported clients with 60K hosts.
That was the end of our consideration.

gl

On 2/6/06, Mark Teicher <mht3@xxxxxxxxxxxxx> wrote:


nCircle has been around for quite some time. They may no tbe classified as vulnerability scanner as Qualys is defined as, but they are in the same market segment.

-----Original Message-----


From: Michael Gargiullo <mgargiullo@xxxxxxxxx>
Sent: Feb 6, 2006 9:43 AM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: RE: Qualys

To be honest, I had never heard of nCircle before your post. Googling
for "network security scanner", nCircle wasn't found within the first 20
pages. Granted, that search came up with well over 1.6 million hits.
When I searched specifically for nCircle within those results, it only
came up with 14,000 hits. Qualys came up with 71,500 hits. Eeye Retina
scanner came up with 163,000. Nessus came up with 361,000 hits.

Not that I can speak for them, but that's probably why it didn't show.

Now, go through, and check pricing on those scanners (commercial support
options). I will say for a corporation, the reporting options for
nCircle look interesting.

-Mike

-----Original Message-----
From: slebdawg@xxxxxxxxx [mailto:slebdawg@xxxxxxxxx]
Sent: Saturday, February 04, 2006 12:26 PM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: RE: Qualys

I've worked in Info Security for one of North America's largest banks
for over 8 years. Where is nCircle on this list? Based on your list of
important criteria, we've found nCircle to not only fit the bill --
they've outperformed Qualys will allowing our organization to maintain
control of our data. I can't tell you how many initiatives we've
started because of the valuable information that we get from our IP360
implementation. In many of these cases, we found opportunities based on
looking and thinking about the data in a very innovative way. If
someone else were hosting our solution, we would never have the
intelligence in-house to find innovative ways to use this data.

Reading your article, it makes me wonder if you work for Qualys. I am
truly boggled that you didn't include nCircle on your list ... even if
they didn't turn out to be your vendor of choice, their absence makes me
suspicious.

------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on
your
website. Up to 75% of cyber attacks are launched on shopping carts,
forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before
hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------




------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------





------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------








-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.2 (Build 2424)

iQA/AwUBQ+mKGJcwFRNrWbm9EQKa1ACfeWnRjO0gldN+utr3Shpm+2oRal0Anjxz
4gqSt7ZSbhbWEa0xBVXpdWYR
=j5NX
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



Relevant Pages

  • RE: Pre-Scanning for Marketing
    ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on your ... Up to 75% of cyber attacks are launched on shopping carts, forms, ...
    (Pen-Test)
  • Re: Qualys
    ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)
  • RE: New article on SecurityFocus (.WMF Vuln)
    ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)
  • Re: Penetration test of 1 IP address
    ... > Audit your website security with Acunetix Web Vulnerability Scanner: ... > Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping ...
    (Pen-Test)
  • Re: Qualys
    ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on your ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)