Re: Pentesting tool - Commercial

On Thu, Feb 28, 2008 at 4:26 PM, Ivan Arce <ivan.arce@xxxxxxxxxxxxxxxx> wrote:
But before
that, I'd like to ask you to clarify how did you come to your conclusions
and if you were or are a licensed user of a current and up-to-date version
of CORE IMPACT because I suspect you may be providing opinions that are
based on a partial or limited view of our product. Please feel free to
contact me directly or through any of Core's Customer Support channels so
we can follow up on any particular feedback (or complain) you may want to
provide.

I said that my list wasn't up-to-date, but included much of 2007. If
you added 400 new exploits in the past 6 months - my mistake for not
making that clear enough. All of the other information about my
process to getting to those numbers was included in the thread. I can
re-quote all of them if necessary.

If I was a paying customer (or ever had been), I probably would have
violated a EULA for talking about such information in the public eye.
I have no intention of contacting you (or anyone at Core) about paying
for your product, and I don't really deal well with customer support
channels.

If you feel that these are opinions, that's fine - but I don't feel that way

If these vulnerability assessment management and network
penetration-testing tools were so important - how come they don't help
a person create the next iPhone expoit, the next QuickTime exploit, or
the almost certainly find the next Java JVM or Adobe Reader
vulnerability?

I suspect you may be providing opinions based on a limited view of the
industry based around your own product.

Cheers,
Andre

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Relevant Pages

  • Re: !Patch for IE input validation error vulnerability...
    ... > could allow Hackers and con-artists to display a fake URL in the address ... The vulnerability is caused due to an input validation error, ... > Download patch at: ... the opinions expressed in this opinion do not necessarily ...
    (alt.computer.security)
  • Re: SunRocket VOIP Comments?
    ... > Does anyone have any opinions, good or bad, about their service? ... The price is pretty much unbeatable and the customer support ... Prev by Date: ...
    (comp.dcom.telecom)