Re: Qualys

From: David M. Zendzian (dmz@dmzs.com)
Date: Wed Feb 08 2006 - 01:05:09 EST


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

And just for the lists knowledge, what products did you find that could
deliver on a class A assessment?

BTW, I know of several national and multi-national financial
institutions that depend on n-circle, doing both regular sweeps around
their network as well as tying into their dhcp servers to scan hosts as
they "go-live".

dmz

US Infosec wrote:

>nCircle came to do a demonstration for my team once. I work in an
>enviornment that has a full routable class A. I asked the technical
>guy there if they had ever deployed their appliances in a Class A
>enviornment and he said sure we have supported clients with 60K hosts.
> That was the end of our consideration.
>
>gl
>
>On 2/6/06, Mark Teicher <mht3@earthlink.net> wrote:
>
>
>>nCircle has been around for quite some time. They may no tbe classified as vulnerability scanner as Qualys is defined as, but they are in the same market segment.
>>
>>-----Original Message-----
>>
>>
>>>From: Michael Gargiullo <mgargiullo@pvtpt.com>
>>>Sent: Feb 6, 2006 9:43 AM
>>>To: pen-test@securityfocus.com
>>>Subject: RE: Qualys
>>>
>>>To be honest, I had never heard of nCircle before your post. Googling
>>>for "network security scanner", nCircle wasn't found within the first 20
>>>pages. Granted, that search came up with well over 1.6 million hits.
>>>When I searched specifically for nCircle within those results, it only
>>>came up with 14,000 hits. Qualys came up with 71,500 hits. Eeye Retina
>>>scanner came up with 163,000. Nessus came up with 361,000 hits.
>>>
>>>Not that I can speak for them, but that's probably why it didn't show.
>>>
>>>Now, go through, and check pricing on those scanners (commercial support
>>>options). I will say for a corporation, the reporting options for
>>>nCircle look interesting.
>>>
>>>-Mike
>>>
>>>-----Original Message-----
>>>From: slebdawg@gmail.com [mailto:slebdawg@gmail.com]
>>>Sent: Saturday, February 04, 2006 12:26 PM
>>>To: pen-test@securityfocus.com
>>>Subject: RE: Qualys
>>>
>>>I've worked in Info Security for one of North America's largest banks
>>>for over 8 years. Where is nCircle on this list? Based on your list of
>>>important criteria, we've found nCircle to not only fit the bill --
>>>they've outperformed Qualys will allowing our organization to maintain
>>>control of our data. I can't tell you how many initiatives we've
>>>started because of the valuable information that we get from our IP360
>>>implementation. In many of these cases, we found opportunities based on
>>>looking and thinking about the data in a very innovative way. If
>>>someone else were hosting our solution, we would never have the
>>>intelligence in-house to find innovative ways to use this data.
>>>
>>>Reading your article, it makes me wonder if you work for Qualys. I am
>>>truly boggled that you didn't include nCircle on your list ... even if
>>>they didn't turn out to be your vendor of choice, their absence makes me
>>>suspicious.
>>>
>>>------------------------------------------------------------------------
>>>------
>>>Audit your website security with Acunetix Web Vulnerability Scanner:
>>>
>>>Hackers are concentrating their efforts on attacking applications on
>>>your
>>>website. Up to 75% of cyber attacks are launched on shopping carts,
>>>forms,
>>>login pages, dynamic content etc. Firewalls, SSL and locked-down servers
>>>are
>>>futile against web application hacking. Check your website for
>>>vulnerabilities
>>>to SQL injection, Cross site scripting and other web attacks before
>>>hackers do!
>>>Download Trial at:
>>>
>>>http://www.securityfocus.com/sponsor/pen-test_050831
>>>------------------------------------------------------------------------
>>>-------
>>>
>>>
>>>
>>>
>>>------------------------------------------------------------------------------
>>>Audit your website security with Acunetix Web Vulnerability Scanner:
>>>
>>>Hackers are concentrating their efforts on attacking applications on your
>>>website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>>>login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
>>>futile against web application hacking. Check your website for vulnerabilities
>>>to SQL injection, Cross site scripting and other web attacks before hackers do!
>>>Download Trial at:
>>>
>>>http://www.securityfocus.com/sponsor/pen-test_050831
>>>-------------------------------------------------------------------------------
>>>
>>>
>>>
>>------------------------------------------------------------------------------
>>Audit your website security with Acunetix Web Vulnerability Scanner:
>>
>>Hackers are concentrating their efforts on attacking applications on your
>>website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>>login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
>>futile against web application hacking. Check your website for vulnerabilities
>>to SQL injection, Cross site scripting and other web attacks before hackers do!
>>Download Trial at:
>>
>>http://www.securityfocus.com/sponsor/pen-test_050831
>>-------------------------------------------------------------------------------
>>
>>
>>
>>
>
>------------------------------------------------------------------------------
>Audit your website security with Acunetix Web Vulnerability Scanner:
>
>Hackers are concentrating their efforts on attacking applications on your
>website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
>futile against web application hacking. Check your website for vulnerabilities
>to SQL injection, Cross site scripting and other web attacks before hackers do!
>Download Trial at:
>
>http://www.securityfocus.com/sponsor/pen-test_050831
>-------------------------------------------------------------------------------
>
>
>
>
>
>
>

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.2 (Build 2424)

iQA/AwUBQ+mKGJcwFRNrWbm9EQKa1ACfeWnRjO0gldN+utr3Shpm+2oRal0Anjxz
4gqSt7ZSbhbWEa0xBVXpdWYR
=j5NX
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:28 EDT