Re: Justifying the spend on a vulnerability scanner

From: Gerhard Rickert (rickert@ocn.ad.jp)
Date: 03/13/03

  • Next message: Mark Rossman: "RE: GroupWise - Guinevere - Klez.H traffic Increase"
    From: "Gerhard Rickert" <rickert@ocn.ad.jp>
    To: <security-basics@securityfocus.com>
    Date: Thu, 13 Mar 2003 10:16:34 +0900
    
    

    sorry for the multi post....

    here is the English site.

    http://www.networkinstruments.com/products/observer.html

    What is the link to Observer?

    > -----Original Message-----
    > From: Gerhard Rickert [mailto:rickert@ocn.ad.jp]
    > Sent: Tuesday, March 11, 2003 6:15 PM
    > To: security-basics@securityfocus.com
    > Subject: Re: Justifying the spend on a vulnerability scanner
    >
    >
    > Just a thought in this area...what do you think of Observer.
    > Is it an overpriced tool? Would it work for what Mr. Berry wants?
    >

    ----- Original Message -----
    From: "David Gillett" <gillettdavid@fhda.edu>
    To: <security-basics@securityfocus.com>
    Sent: Wednesday, March 12, 2003 4:56 AM
    Subject: RE: Justifying the spend on a vulnerability scanner

    > > From: JM <jamesmcgeeiom@onetel.net.uk>
    > > As the subject says, this is what I have got to do.
    > >
    > > I could dream up loads of examples of;
    > > if we don't detect a code read virus and we get it, then it
    > > will knock out our webservers and others until we fix it.
    > > if we have open null shares on the network, and unrestricted
    > > access to remote registries people can do what they
    > > want.......
    > >
    > > But does anyone have any thoughts to share, on how I can
    > > successfully convince my management that the spend on a
    > > vulnerability scanner is worthwhile.
    >
    > Vulnerability scanners don't have an inherent ROI of their
    > own.
    >
    > Once you've got commitment to FIX holes before they are
    > exploited, then you can easily justify a tool or two to FIND
    > the holes that need fixing. But finding the holes is no help
    > if nothing will be done about them.
    >
    > David Gillett
    >
    >
    >
    >


  • Next message: Mark Rossman: "RE: GroupWise - Guinevere - Klez.H traffic Increase"

    Relevant Pages

    • RE: Justifying the spend on a vulnerability scanner
      ... > I could dream up loads of examples of; ... > vulnerability scanner is worthwhile. ... Once you've got commitment to FIX holes before they are ...
      (Security-Basics)
    • Two slit experiment: Vindicating Einstein
      ... If you shine light at the holes as you shoot electrons through you get ... What if the wave collapses at the hole when light interacts with the ... and not an Observer Created Reality? ...
      (sci.physics.relativity)
    • Re: Two slit experiment: Vindicating Einstein
      ... > If you shine light at the holes as you shoot electrons through you get ... QM does not demand an observer created reality - that is just one possible ...
      (sci.physics.relativity)