Re: Pentesting tool - Commercial

On Tue, Feb 26, 2008 at 1:39 AM, Ramki B <bramkie@xxxxxxxxx> wrote:
Core Impact is the best fit for my requirement followed by ISS. And for VA
Nessus is the best choice.

ISS and Nesss are redundant. Most people prefer neXpose or Qualys to
Nessus, and some even prefer Foundscan to Nessus (for reporting,
although I don't know why personally). There were some recent
[pulled] evaluations and neXpose came out way ahead, although like
I've mentioned on other lists, the best-of-breed would be to combine
Rapid7 neXpose with Tenable PVS.

Core Impact is fine, but what about the other 400 exploits packaged
with CANVAS, Gleg/Argeniss, and Metasploit? I haven't even included
the CANVAS sharing alliance or D2 pack statistics, which I don't
really have readily available. Core Impact barely has 200 exploits
all by itself.

Cheers,
Andre

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Relevant Pages

  • RE: Pentesting tool - Commercial
    ... Subject: Pentesting tool - Commercial ... Though iam aware of Nessus, Core Impact, Canvas, Backtrack, etc. ... buy it or download a solution FREE today! ...
    (Pen-Test)
  • RE: Pentesting tool - Commercial
    ... We have a large deployment of NeXpose and have been pleased with the ... assessment programs. ... detailed remediation documentation on each vulnerability. ... the CANVAS sharing alliance or D2 pack statistics, ...
    (Pen-Test)
  • Re: Snort and Nessus Signature
    ... > I am doing some research into integrating Snort and Nessus together. ... with real-world attacks from CORE IMPACT. ...
    (Focus-IDS)