Re: Security scanning tools

From: Devilscrow Sr (devilscrow_at_gawab.com)
Date: 12/15/03

    Date: Tue, 16 Dec 2003 02:05:27 +0530
    To: Jack Solomon <solzjack43@hotmail.com>
    
    

    Hi Jack,

    My answers inline...

    Jack Solomon wrote:

    >
    > My questions to the group are:
    > 1. What tool[s] should I look to buy that correctly reports
    > security vulnerabilities with the least false positives?

    Firstly, MBSA for me is more of an information gathering tool that also
    does some basic security checks. Secondly, some amount of post scan
    analysis / verification is always very important and required to get
    better results out of your vulnerability scans. This will help you
    reduce the number of false positives.

    > 2. Are false positives a known [feature] of all scanning tools?

    Oh, yes!
    That goes without saying.....

    -dev
