Re: Nessus and Sans top 20

From: Tim (pand0ra.usa@gmail.com)
Date: Fri Apr 14 2006 - 18:00:42 EDT


May I ask why? In my _opinion_, basing vulnerability scans on the SANS
Top 20 is a step towards disaster. Keep in mind that the SANS Top 20
is not updated on a frequent basis; I believe it is done quarterly. If
(I am not saying this is a certainty) the system is out of date on
patches, the SANS Top 20 will probably not flag all of the issues.

I have seen organizations base their scanning policy on the ST20
thinking they were covered. When we came in to do an audit the scans
revealed MANY more issues than they were aware of. At that point we
had to calm them down and explain why their scans differed so much
from ours. In my personal opinion, I think the ST20 is fun to look at
but is a disaster waiting to happen.

The only benefit I can see in doing this is to show the
client/management that only following the ST20 is setting them up for
a compromise. As for your original question, you can manually go
through the plugins and map those back to the ST20. I don't remember
if there is some way to search for those.

On 4/14/06, xelerated <xelerated@gmail.com> wrote:
> I have looked pretty heavily for an easy way to generate a SANS Top 20
> result list from a nessus scan.
>
> Be it a filter and doing just a scan for SANS Top 20's or
> filtering from an already-run scan.
>
> The closest thing I have found was update-nessusrc.
> So far I can't get it to generate a new rc for the top 20s.
> It just hangs.
>
> Is there any way to get a Top 20 report for nessus?
>
>
> Thanks
> Chris
>

--
Tim
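Tim's answer is to map plugins back to the ST20 by hand and to expect the full scan to show more than the Top 20 list does. As an added example that is not part of this thread, the Python below applies such a hand-built mapping to a Nessus .nbe results file (the pipe-delimited `results|...` records), lists the findings that fall under a Top 20 category, and counts the findings the mapping does not cover. The plugin IDs and category labels in `PLUGIN_TO_ST20`, and the sample .nbe lines, are constructed placeholders, not real Nessus plugin IDs; the assumed record layout is `results|subnet|host|port|plugin_id|severity|description`.

```python
from collections import Counter

# Constructed mapping: plugin ID -> SANS Top 20 category label.
# Both the IDs and the labels are placeholders for illustration only.
PLUGIN_TO_ST20 = {
    "90001": "W1 (example Windows category)",
    "90002": "U3 (example Unix mail category)",
    "90003": "C2 (example cross-platform web category)",
}

# Constructed sample of Nessus .nbe output. Only "results" records carry
# findings; "timestamps" records are skipped by the parser below.
SAMPLE_NBE = """\
timestamps||192.168.1.10|host_start|Fri Apr 14 17:00:00 2006|
results|192.168.1|192.168.1.10|smtp (25/tcp)|90002|Security Hole|Open relay detected
results|192.168.1|192.168.1.10|www (80/tcp)|90003|Security Warning|Directory listing enabled
results|192.168.1|192.168.1.10|general/tcp|90999|Security Hole|Missing vendor patch
results|192.168.1|192.168.1.11|ssh (22/tcp)|90998|Security Note|SSH banner disclosure
timestamps||192.168.1.10|host_end|Fri Apr 14 17:05:00 2006|
"""


def parse_nbe(text):
    """Yield (host, port, plugin_id, severity, description) per results record."""
    for line in text.splitlines():
        # maxsplit keeps any '|' inside the description in one field
        fields = line.split("|", 6)
        if len(fields) < 7 or fields[0] != "results":
            continue  # skip timestamps and malformed lines
        _rec, _subnet, host, port, plugin_id, severity, desc = fields
        yield host, port, plugin_id, severity, desc


def split_by_st20(text, mapping=PLUGIN_TO_ST20):
    """Return (covered, uncovered): findings with an ST20 category and those without."""
    covered, uncovered = [], []
    for host, port, pid, sev, desc in parse_nbe(text):
        if pid in mapping:
            covered.append((mapping[pid], host, port, sev, desc))
        else:
            uncovered.append((host, port, pid, sev, desc))
    return covered, uncovered


def uncovered_by_severity(uncovered):
    """Count findings outside the mapping per severity, e.g. {'Security Hole': 1}."""
    return Counter(f[3] for f in uncovered)


if __name__ == "__main__":
    covered, uncovered = split_by_st20(SAMPLE_NBE)
    for cat, host, port, sev, desc in covered:
        print(f"[{cat}] {host} {port} {sev}: {desc}")
    print(f"{len(uncovered)} finding(s) outside the ST20 map:", dict(uncovered_by_severity(uncovered)))
```

The uncovered count is the number to show management: those are the issues a scan restricted to the Top 20 would never report.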


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:50 EDT