Vulnerability Assessment Tools
JasminLandry
Member Posts: 601 ■■■□□□□□□□
in Off-Topic
My boss has asked me to start doing vulnerability assessment at work. I'm pretty comfortable using Nessus, Nmap, BackTrack (just a bit) and a few others. Do you guys know any other wonderful tools that I could use for this project? Of course I don't want tools to exploit the threats, I only need to scan the network and find vulnerabilities, compare the scans to the baselines and patch or reconfigure the systems as needed. I would appreciate your help for all you security experts here 
Comments
-
emerald_octane
Member Posts: 613
You hit the big ones. IBM has their Security App scan if you want to blow several G's for a single user license. -
LeifAlire
Member Posts: 106
Retina Network Security Scanner from BeyondTrust is an amazing product. Right now they have a the unlimited IP version for $1200, I am sure a sales rep could give you a 30 day trial also. But I a very good product.2015 Goals: VCP-550 - CISA - 70-417 -
datacomboss
Member Posts: 304 ■■■□□□□□□□
I like QualysGuard. After doing the free training (including lunch, snacks and beverages) I implemented in my office and like the results."If I were to say, 'God, why me?' about the bad things, then I should have said, 'God, why me?' about the good things that happened in my life."
Arthur Ashe -
docrice
Member Posts: 1,706 ■■■■■■■■■■
Speaking of Qualys, there are several free tools available:
http://www.qualys.com/forms/freescan/
http://www.qualys.com/forms/freescan/website-scan/
http://www.qualys.com/forms/freescan/owasp/
https://browsercheck.qualys.com/
https://www.ssllabs.com/Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/