<div>
Have you tried the Microsoft Baseline Security Analyzer?<br />
<br />
<a href="http://technet.microsoft.com/en-us/security/cc184923" rel="ugc nofollow">http://technet.microsoft.com/en-us/security/cc184923</a>&nbsp; 
</div>


Have you tried the Microsoft Baseline Security Analyzer?

http://technet.microsoft.com/en-us/security/cc184923 [http://technet.microsoft.com/en-us/security/cc184923] 

<div>
We need to scan web servers of any kind of OS.<br />
<br />
The windows requirements is only to install the tool<br />
<br />
thanks
</div>


We need to scan web servers of any kind of OS.

The windows requirements is only to install the tool

thanks

<div>
In any case, If is there a really good tool that only runs in linux, of course, I can use it too<br />
<br />
Thanks
</div>


In any case, If is there a really good tool that only runs in linux, of course, I can use it too

Thanks

<div>
hi,<br />
i use nessus:<br />
<a href="http://www.tenable.com/products/nessus" rel="ugc">http://www.tenable.com/products/nessus</a>
</div>


hi,
i use nessus:
http://www.tenable.com/products/nessus [http://www.tenable.com/products/nessus]

<div>
As I said in my first message, I think that nessus are a bit expensive for a little company, is there any special license cheaper? How much you pay for starter license?
</div>


As I said in my first message, I think that nessus are a bit expensive for a little company, is there any special license cheaper? How much you pay for starter license?

<div>
<div class="content wysiwyg-content">
Hi,<br />
<br />
I'm looking for a vulnerability scan tool to check webpages and servers. <br />
<br />
I see that nessus now is not free, &nbsp;please somebody could send me any suggestion (free or cheaper) scan tools that runs in a windows client?<br />
<br />
Thanks<br />

</div>
</div>


Hi,

I'm looking for a vulnerability scan tool to check webpages and servers. 

I see that nessus now is not free,  please somebody could send me any suggestion (free or cheaper) scan tools that runs in a windows client?

Thanks


Vulnerability Scan tool for windows

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Vulnerabilities

Digital forensics encompasses the recovery and investigation of material found in digital devices, often in relation to computer crime. Digital forensics investigations have a variety of applications. The most common is to support or refute a hypothesis before criminal or civil (as part of the electronic discovery process) courts. The technical aspect of an investigation is divided into several sub-branches, relating to the type of digital devices involved; computer forensics, network forensics, forensic data analysis and mobile device forensics. The typical forensic process encompasses the seizure, forensic imaging (acquisition) and analysis of digital media and the production of a report into collected evidence.

Digital Forensics

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.