Premium Content

Access "Testing and comparing vulnerability analysis tools"

Joel Snyder, Contributor Published: 04 Mar 2003

Quick: What's on your network? What's it running? Is it patched? Up to date? Properly configured? Are you vulnerable? A vulnerability analyzer (VA) is designed to help you answer these questions. Many security managers first see the results of a vulnerability analyzer when a consultant drops an annual audit report on their desk. But as January's SQL Slammer worm reminded us, exploits aren't timed to coincide with audits. Like Code Red in 2001, Slammer exploited a well-documented vulnerability; and as with Code Red, a patch was available well before the worm struck. The point is, admins need an up-to-date picture of what's running on their network, where the holes are, and what's patched and what's not. We tested five1 tools to see which had the best detection engines and reporting tools, and which did the best job managing the data from their findings: Internet Security Systems' Internet Scanner 6.21 eEye Digital Security's Retina 4.9 Symantec's NetRecon 3.5 SAINT's SAINT 4.1 Nessus1.2.6 and NessusWX1.4.2 To determine how well these tools support real-world ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free