From: Aurélien Cabezon (aurelien.cabezon@isecurelabs.com)
Date: Fri Aug 27 2004 - 16:00:39 EDT
| It is a good product, except all your data is kept in a "secure"
| repository back at their HQ.
Maybe more secure than a box on the company's network...
What append if such a box get hacked ?
|The good thing about this is
| you can access your box indirectly from anywhere and view
| the results. The draw back, is that Qualys could gain
| access to your data as well as a hacker
| (cracker) who had gained access into the Qualys network.
Datas are encrypted with the customer's password as encryption key.
Qualys's customers can also access their datas with a SecureID authentification.
| The appliance will push data to the web portal after each scan.
Threw an ssl tunnel.
Regards,
Aurélien Cabezon
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:01 EDT