netvigilance security assessment scanners

Has anyone heard of netvigilance?  It's a network assessment security scanner.  Was curious as to its quality...
gopher_49 Asked:
 
Rich Rumble (Security Samurai) Commented:
GFI's product is less intrusive than most others; it looks for various values returned and doesn't probe too much to figure out any false positives. Typically, if you're missing a patch or three it will trigger; however, there are work-arounds to patches that can mitigate the need for the patch, and GFI doesn't probe for that, so you can get FPs even if GFI is "half right": you are indeed missing the patch, but if mitigation steps have been taken for that vuln, GFI can't tell you. Nessus and Retina go a little beyond that without completing an exploit fully. The former two are also code inspectors and can point out some obvious common mistakes in code, like possible XSS issues, but that's if they are blatant.
-rich
0
 
Phil_Agcaoili Commented:
Nope.

Is this for personal or professional use?

Most professional assessment teams use well-known network scanning tools like Nessus, Metasploit, WebInspect, Nikto, Canvas, Argeniss, and VulnDisco.

If you have PCI scanning requirements, many companies are using Qualys.

I suggest staying with the pro tools and not with newfangled and unproven tools.

Maybe, Netvigilance will gain some momentum and credibility, but if you Google them, they are tooting their own marketing horns (aka self-proclaimed VA experts) and no one else even seems to have a review of their assessment software.

My 2 bits
0
 
gopher_49 (Author) Commented:
Thanks for your input.  They showed me an interactive demo and it seemed promising; however, I'm by no means a security expert.  The centralized scanning and scheduling seemed pretty standard; however, they did seem to have a lot of research behind their product.  I think I need to hold off and explore other options...

Thanks for your input.

0

 
Phil_Agcaoili Commented:
Tenable Security includes Nessus and provides what you are discussing.
For a Windows shop, GFI Languard and eEye Retina also offer competitive solutions.

I suggest exploring recent bake-offs on Vulnerability Assessment tools, scanners.

You also may want to explore the service or outsourced options available from Qualys or Foundstone. They do remote assessment for you if you are new at it.

Other tools and companies that are not as competitive are ISS and Citadel. ISS was one of the original leaders, but they have not maintained their leadership in this field.

The tools posted in my first post are very solid, if you want to go down the DIY route and learn about self assessments. With these options, I suggest going to ethical hacking courses and finding out what the pros use...one or more of all of the tools and services that I've mentioned will be used (except Netvigilance).

Good luck to you.
0
 
Rich Rumble (Security Samurai) Commented:
Agreed Phil, while I've not used their netvigilance scanner, their HoneyPotd tool is very good and I've used it several times.
http://www.networkworld.com/news/2006/102506-netvigilance-honeypot.html
I can't speak to the scanner itself, GFI, Nessus, and Retina are all fine products.
-rich
0
 
gopher_49 (Author) Commented:
I looked into GFI's scanner for I use almost all of GFI's products.  The thing about GFI is that they do not have much of a research team when it comes to vulnerability scanning.  They simply rely on other people's research.  I'm wanting to use a company who has their own research team dedicated to vulnerability assessment.

Does anyone know about GFI's vulnerability research team?

I'll look into Nessus and Retina for they seem to be liked by a few people.  
0
 
Phil_Agcaoili Commented:
"I'm wanting to use a company who has their own research team dedicated to vulnerability assessment."

Don't buy the marketing hype on this one.
Did Netvigilance sell this concept to you?
If so, it's very 1995 of them.

Research teams exist in all of these scanner companies or else how do they get product updates?
ISS X-Force is one of the most well-known teams since their inception in 1996, but ISS no longer makes the "best" scanner.
Does this make them great?
No longer.

Scanner software is purely based on ability to detect vulnerabilities. Plain and simple.

Getting scanner updates these days is like the AntiVirus world in that all of the AV vendors are about the same in time to market with virus updates. I know, another debatable topic...not all AV vendors are equal, but at the end of the day most vendors are "on par" with one another, same with the vulnerability assessment (VA) scanners.

Also, most vulnerabilities are posted via CVE (cve.mitre.org) and all of the scanners are about the same where some are better geared to the beginner versus more professional tools with more options and testing capability.

Again, you sound new to this, so you really will want an easy tool to drive...Nessus is not it.
Qualys, Foundstone, or Retina will work best for a beginner.
GFI Languard is a good entry scanner, but it's not for heterogeneous network environments.
Nessus, Metasploit, WebInspect, Nikto, Canvas, Argeniss, and VulnDisco are for intermediate-to-advanced VA testers.
0
 
gopher_49 (Author) Commented:
Phil,

Why is GFI Languard no good for heterogeneous networks?  I've used an older version of their scanner and it seemed to be only geared for Windows servers and/or workstations.  Since then they've added more support for Unix/Linux and Cisco devices.  Due to their change in regards to more support among cross platforms and/or devices I thought they might be an okay solution.  I'm new to this though...  It seems that for me, my best option is Retina...

Thanks for letting me know about the vast public knowledge in regards to vulnerabilities.  I was under the impression that some of these research groups had information quicker, and/or information that others did not have.

Richrumble,

Thanks for the input in regards to GFI's limitations.  

I'm taking the information from both of your posts and getting Retina.  It seems to be more geared for people with less experience in vulnerability scanning and delivers more functionality.

Thanks.

0