Windows vulnerability assessment tools

Discussion in 'Computer Security' started by Cosmic Cruizer, Feb 18, 2004.

  1. I'm researching flexible, enterprise-wide vulnerability assessment tools for
    the Windows 2000 and 2003 platforms. So far, I've looked at the following,
    and like all solutions, each of them have their pros and cons:

    SecurityExpressions from Pedestal Software
    Security Analyzer from NetIQ
    SecEdit from Microsoft

    As it stands, I am looking for a tool to help proactively manage around
    1,500 servers of various types: AD, Exchange, SMS, print and file, etc. The
    tests need to be configurable so I can adjust them, where necessary, to fit
    our security philosophy. I would rather purchase a vendor supplied solution
    then to build something from the ground up that we would need to solely
    support internally.

    What are some of the other Windows vulnerability assessment tools on the
    market? Is there a comparison of the various products listed somewhere?

    Thanks
    Cosmic Cruizer, Feb 18, 2004
    #1
    1. Advertising

  2. Cosmic Cruizer

    Careers Guest

    You might want to check out http://www.foundstone.com/. They have very good
    vulnerability scanning software.

    Wojtek
    Network Security Consultant
    SafeIT.ca



    "Cosmic Cruizer" <> wrote in message
    news:Xns9492B224211F9ccruizermydejacom@64.164.98.49...
    > I'm researching flexible, enterprise-wide vulnerability assessment tools

    for
    > the Windows 2000 and 2003 platforms. So far, I've looked at the following,
    > and like all solutions, each of them have their pros and cons:
    >
    > SecurityExpressions from Pedestal Software
    > Security Analyzer from NetIQ
    > SecEdit from Microsoft
    >
    > As it stands, I am looking for a tool to help proactively manage around
    > 1,500 servers of various types: AD, Exchange, SMS, print and file, etc.

    The
    > tests need to be configurable so I can adjust them, where necessary, to

    fit
    > our security philosophy. I would rather purchase a vendor supplied

    solution
    > then to build something from the ground up that we would need to solely
    > support internally.
    >
    > What are some of the other Windows vulnerability assessment tools on the
    > market? Is there a comparison of the various products listed somewhere?
    >
    > Thanks



    ---
    Outgoing mail is certified Virus Free.
    Checked by AVG anti-virus system (http://www.grisoft.com).
    Version: 6.0.588 / Virus Database: 372 - Release Date: 13/02/2004
    Careers, Feb 18, 2004
    #2
    1. Advertising

  3. "Careers" <> wrote in
    <tsEYb.4244$>:

    >You might want to check out http://www.foundstone.com/. They have very
    >good vulnerability scanning software.
    >
    >Wojtek
    >Network Security Consultant
    >SafeIT.ca
    >
    >


    I'd forgotten all about Foundstone. Thanks for the suggestion.
    Cosmic Cruizer, Feb 18, 2004
    #3
  4. (Cosmic Cruizer) wrote in
    <Xns9492B224211F9ccruizermydejacom@64.164.98.49>:

    >I'm researching flexible, enterprise-wide vulnerability assessment tools
    >for the Windows 2000 and 2003 platforms. So far, I've looked at the
    >following, and like all solutions, each of them have their pros and
    >cons:
    >
    >SecurityExpressions from Pedestal Software
    >Security Analyzer from NetIQ
    >SecEdit from Microsoft
    >
    >As it stands, I am looking for a tool to help proactively manage around
    >1,500 servers of various types: AD, Exchange, SMS, print and file, etc.
    >The tests need to be configurable so I can adjust them, where necessary,
    >to fit our security philosophy. I would rather purchase a vendor
    >supplied solution then to build something from the ground up that we
    >would need to solely support internally.
    >
    >What are some of the other Windows vulnerability assessment tools on the
    >market? Is there a comparison of the various products listed somewhere?
    >
    >Thanks
    >


    Just a follow up to my own question:

    I've found three great links (amoung several others)

    http://www.nwfusion.com/reviews/2002/vulnerability0204result.jsp?
    _tablename=vulnerability0204 (a few years out of date)

    http://www.timberlinetechnologies.com/products/vulnerability.html

    http://cve.mitre.org/compatible/product_type.html

    This should keep me occupied for awhile.
    Cosmic Cruizer, Feb 19, 2004
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Emma

    Staff Skills Assessment Tests

    Emma, Oct 2, 2003, in forum: Microsoft Certification
    Replies:
    1
    Views:
    532
    Beoweolf
    Oct 3, 2003
  2. Guest

    Electronic Assessment program- Windows 2000 Prof.

    Guest, Aug 26, 2004, in forum: Microsoft Certification
    Replies:
    3
    Views:
    669
    msdbaWanaB
    Aug 15, 2005
  3. John McCoy

    Skill assessment for Windows 2000

    John McCoy, Sep 10, 2003, in forum: MCSE
    Replies:
    0
    Views:
    780
    John McCoy
    Sep 10, 2003
  4. Sherman H.

    Vulnerability Assessment

    Sherman H., Jul 21, 2004, in forum: Computer Security
    Replies:
    2
    Views:
    377
  5. SAD
    Replies:
    1
    Views:
    598
    Winged
    Sep 28, 2005
Loading...

Share This Page