RE: Why eEye Retina (was MBSA scanner)

From: Doty, Stephen (BearingPoint) (sdoty@bearingpoint.net)
Date: Thu Apr 22 2004 - 14:47:58 EDT


How does something like CA's eTrust Vulnerability Manager product compare -
so that continual scanning is not required using ISS, Nessus, Retina, etc.?

-----Original Message-----
From: Peter Benson [mailto:peter.benson@security-assessment.com]
Sent: Wednesday, April 21, 2004 3:51 PM
To: pen-test@securityfocus.com
Subject: RE: Why eEye Retina (was MBSA scanner)

Hey,

We have found that most of the client-based systems are starting to miss the
boat, and have struggled with the support available from most of them. We
have played with ISS, Nessus, eEye, and (a few years ago) NetRecon and
CyberCop. Most of them left something to be desired.

The one that we see as the most robust and the best supported at the moment
is the QualysGuard Web Services model. (www.qualys.com)

In regards to the support and responsiveness, I have yet to find another
vendor that is this good.

Pete Benson
Security-Assessment.com
www.security-assessment.com


-----Original Message-----
From: Román Ramírez [mailto:rramirez@chasethesun.es]
Sent: Wednesday, 21 April 2004 9:31 p.m.
To: pen-test@securityfocus.com
Subject: RE: Why eEye Retina (was MBSA scanner)

Hello,

About Retina, I must say that it is one of the best audit tools I have used...
False positives are AND WILL BE in the market and in every security tool,
and LanGuard is not the best example of not having false positives (in my
experience every network device I test has SNMP public community as GFI
shows :) )

I don't know if you are a final customer or a consultant, but one of the
auditor's tasks is to verify vulnerabilities and remove false positives (and
try to get more info about false negatives).

I know a lot about NetRecon, about the (deceased) CyberCop, Nessus and NeWT,
SARA, SAINT, and in my experience I will take Retina and Nessus without any
doubt, efficiency and productivity.

About your comments about the company, well, they are one of the best
security companies (in my experience @stake, eEye, BindView) and they have
a BIG customer support department, and of course, check if Nessus has the
same "customer support" (mailing lists that of course you can find on the eEye
Web site too).

I have deep experience with eEye in big projects and I know some customers
that are very happy with their tools (my own company at the top of the list).

Hope this helps

--
Roman Ramirez
Director General
Chase The Sun
+34 609 490 156
mailto:rramirez@chasethesun.es
http://www.chasethesun.es 
> -----Original Message-----
> From: clarke-cummings@columbus.rr.com
> [mailto:clarke-cummings@columbus.rr.com]
> Sent: Tuesday, 20 April 2004 16:37
> To: pen-test@securityfocus.com
> Subject: Why eEye Retina (was MBSA scanner)
> 
> 
> Hello Everyone,
> 
> We recently began evaluating eEye's Retina product for our
> vulnerability assessment tool.  We have found the results to 
> be very inconsistent, showing us vulnerable to issues that 
> have been patched.  We've verified the patches manually, with 
> MBSA, HFNETCHK, and LanGuard.  eEye didn't have a good answer 
> as to why the results were so inconsistent.  Any guesses?
> 
> Also, how is their support response for those that are
> customers?  As a trial customer they aren't a very impressive 
> organization.
> 
> Thanks in advance for the help.
> 
> Cheers,
> Clarke
> 


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:52 EDT