From: Chris Sharp (illectro2001@yahoo.com)
Date: Thu Mar 27 2003 - 17:05:55 EST
> Does Qualys' claim to more
> vulnerability signatures and faster/easier updates
hold
> water?
Well the front page of qualys.com claims that they
scan for 2531 vulnerabilities, that's twice what
Nessus (1378) or ISS (1218) claim.
As for updates, it's all on their servers and
hardware, set it up once and forget abotu software
updates. Fire and forget. Not sure about the rate of
false positives, but my impression is that they're
cautious, only reporting False positives for dangerous
bugs.
They don't do active tests, so they don't exploit
known bugs and crash servers during testing. A lot of
Nessus modules need to be launched manually and result
in the scanned machine needing a reboot - somewhat
inconvenient but it removes any doubt as to how
vulnerable you are.
__________________________________________________
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
http://platinum.yahoo.com
top spam and e-mail risk at the gateway.
SurfControl E-mail Filter puts the brakes on spam & viruses
and gives you the reports to prove it. See exactly how much
junk never even makes it in the door. Free 30-day trial:
http://www.surfcontrol.com/go/zsfptl1
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:31 EDT