Solved

netvigilance security assessment scanners

Posted on 2006-12-01
8
497 Views
Last Modified: 2013-12-04
Has anyone heard of netvigilance?  It's a network assessment security scanner.  Was curious to its quality.....
0
Comment
Question by:gopher_49
  • 3
  • 3
  • 2
8 Comments
 
LVL 12

Expert Comment

by:Phil_Agcaoili
Comment Utility
Nope.

Is this for personal or professional use?

Most professional assessment teams use well-known network scanning tools like Nessus, Metaspliot, WebInspect, Nikto, Canvas, Argeniss, and VulnDisco.

If you have PCI scanning requirements, many companies are using Qualys.

I suggest staying with the pro-tools and not with new fangled and unproven tools.

Maybe, Netvigilance will gain some momentum and credibility, but if you Google them, they are tooting their own marketing horns (aka self-proclaimed VA experts) and no one else even seems to have a review of their assessment software.

My 2 bits
0
 

Author Comment

by:gopher_49
Comment Utility
thanks for your input.  They showed me an interactive demo and it seemed promising, however, I'm by no means a security expert.  The centralized scanning and scheduling seemed pretty standard, however, they did seem to have a lot of research behind their product.  I think I need to hold off and explore other options...

Thanks for your input.

0
 
LVL 12

Expert Comment

by:Phil_Agcaoili
Comment Utility
Tenable Security includes Nessus and provides what you are discussing.
For a Windows shop, GFI Languard and eEye Retina also offer competitive solutions.

I suggest exploring recent bake-offs on Vulnerability Assessment tools, scanners.

You also may want to explore the service or outsourced options available from Qualys or Foundstone. They do remote assessment for you if you are new at it.

Other tools and companies that are not as competitive are ISS and Citadel. ISS was one of the original leaders, but they have not maintained their leadership in this field.

The tools posted in my first post are very solid, if you want to go down the DIY route and learn about self assessments. With these options, I suggest going to ethical hacking courses and finding out what the pros use...one or more of all of the tools and services that I've mentioned will be used (except Netvigilance).

Good luck to you.
0
 
LVL 38

Expert Comment

by:Rich Rumble
Comment Utility
Agreed Phil, while I've not used their netvigilence scanner, their HoneyPotd tool is very good and I've used it several times.
http://www.networkworld.com/news/2006/102506-netvigilance-honeypot.html
I can't speak to the scanner itself, GFI, Nessus, and Retina are all fine products.
-rich
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Author Comment

by:gopher_49
Comment Utility
I looked into GFI's scanner for I use almost all of GFI's products.  The thing about GFI is that they do not have much of a research team when it comes to vunerability scanning.  They simply rely on other people's research.  I'm wanting to use a company who has their own research team dedicated to vunerability assessment.

Does anyone know about GFI's vunerability research team?  

I'll look into Nessus and Retina for they seem to be liked by a few people.  
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 125 total points
Comment Utility
GFI's product is less intrusive than most others, it looks for various values returned and doesn't probe too much to figure out any false positives, typically if your missing a patch or three it will trigger, however there are work-arounds to patches that can mitigate the need for the patch and GFI doesn't probe for that so you can get FP's even if GFI is "half right", you are indeed missing the patch, however if mitigation steps have been taken for that vuln GFI can't tell you. Nessus and Retina go a little beyond that without completing an exploit fully. The former two are also code inspectors and can point out some obvious common mistakes in code like possible XSS issues, but that's if they are blatant.
-rich
0
 
LVL 12

Assisted Solution

by:Phil_Agcaoili
Phil_Agcaoili earned 125 total points
Comment Utility
"I'm wanting to use a company who has their own research team dedicated to vunerability assessment."

Don't buy the marketing hype on this one.
Did NetViligilence sell this concept to you?
If so, it's very 1995 of them.

Research teams exist in all of these scanner companies or else how do they get product updates?
ISS X-Force is one of the most well-known teams since their inception in 1996, but ISS no longer makes the "best" scanner.
Does this make them great?
No longer.

Scanner software is purely based on ability to detect vulnerabilities. Plain and simple.

Getting scanner updates these days is like the AntiVirus world in that all of the AV vendors are about the same in time to market with virus updates. I know, another debately topic...not all AV vendors are equal, but at te end of the day most vendors are "on par" with one another, same with the vulnerability assessment (VA) scanners.

Also, most vulnerabilities are posted via CVE (cve.mitre.org) and all of the scanners are about the same where some are better geared to the beginner versus more professional tools with more options and testing capability.

Again, you sound new to this, so you really will want an easy tool to drive...Nessus is not it.
Qualys, Foundstone, or Retina will work best for a beginner.
GFI Languard is a good entry-scanner, but it's not for a heterogenous network environments.
Nessus, Metaspliot, WebInspect, Nikto, Canvas, Argeniss, and VulnDisco are for intermediate-to-advanced VA testers.
0
 

Author Comment

by:gopher_49
Comment Utility
Phil,

Why is GFI Languard no good for heterogenous networks?  I've used an older version of their scanner and it seemed to be only geared for Windows servers and/or workstations.  Since then they've added more support for Unix/Linux and Cisco devices.  Due to their change in regards to more support among cross platforms and/or devices I thought they might be an okay solution.  I'm new to this though...  It seems that for me, my best option is Retina....  

Thanks for letting me know about the vast public knowledge in regards to vunerabilities.  I was under the impression that some of these research groups had information quicker, and/or, information that other did not have.

Richrumble,

Thanks for the input in regards to GFI's limitations.  

I'm taking the information from both of your posts and getting Retina.  It seems to be more geared for poeple with less experience in vunerability scanning and delivers more functionality.  

Thanks.

0

Featured Post

Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

Join & Write a Comment

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
This video discusses moving either the default database or any database to a new volume.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now