Nessus Security Scanner Listing updated: October 30, 2007

Traditional network security scanners tend to focus on the services listening on the network - and only on these. Now that viruses and worms are propagating thanks to flaws in mail clients or web browsers, this conception of security is getting outdated.
Nessus has the ability to detect the remote flaws of the hosts on your network, but their local flaws and missing patches as well - whether they are running Windows, Mac OS X or a Unix-like system. Each security test is written as an external plugin, written in NASL. This means that updating Nessus does not involve downloading untrusted binaries from the internet. The Nessus Security Scanner includes NASL, (Nessus Attack Scripting Language) a language designed to write security test easily and quickly. Nessus does not believe that the target hosts will respect the IANA assigned port numbers. This means that it will recognize a FTP server running on a non-standard port (ie: 31337), or a web server running on port 8080. If a host runs the same service twice or more, Nessus will test all of them. Nessus has the ability to test SSLized services such as https, smtps, imaps, and more. You can even supply Nessus with a certificate so that it can integrates into a PKI-fied environement. Nessus gives you the choice between performing a regular non-destructive security audit on a routine basis, or to throw everything you can at a remote host to see how will it withstands attacks from intruders.

• Company: Nessus
• URL: nessus.org
• Email: deraison@cvs.nessus.org

• Users' Rating: 4 [3 votes] - Vote
• Comments: 0 comments - Post

Enterprise Security Reporter Listing updated: January 23, 2008

The Enterprise Security Reporter platform features agent-less, fast, comprehensive discovery and reporting solutions for file security, group memberships, Active Directory, printers, file shares and other security settings on Windows and SharePoint servers. Enterprise Security Reporter is essential for administrators burdened with compliance reporting and security audits, automating reporting and simplifying analysis.

Enterprise Security Reporter provides a reporting and auditing solution for corporate data stored on a file share, or in a SharePoint site. Easily discover necessary security information, run reports, create custom reports and conduct ad-hoc queries across the entire organization.

• Company: ScriptLogic
• URL: www.scriptlogic.com
• Email: sales@scriptlogic.com

• Users' Rating: 3.78 [9 votes] - Vote
• Comments: 0 comments - Post

Maxpatrol - network Security Scanner Listing updated: September 16, 2004

MaxPatrol is a network security scanner optimized for effective use by companies of any size (serving from a few to tens of thousands of nodes). It supports vulnerability testing for servers with non-standard configurations, intelligent recognition of vulnerabilities in known (and custom) web-server scripts, identification of RPC services and more. The program uses inspection methods to minimize false detections. MaxPatrol has at its disposal a protection analyzer developed for web servers and web applications (e.g. internet shops).
Although MaxPatrol operates within Microsoft Windows, it can test for possible vulnerabilities in any software or hardware platform: from Windows workstations to Cisco networks (*nix, Solaris, Novell, AS400, etc.). Additional features include scheduled scans, custom level vulnerabilities, full scan history and more.

• Company: Positive Technologies
• URL: www.maxpatrol.com
• Email: antipov@Securitylab.ru
• Screenshot: click here
• Price: $877

• Users' Rating: 3.77 [13 votes] - Vote
• Comments: 0 comments - Post

Security Auditor's Research Assistant Listing updated: April 29, 2005

SARA is a network security scanner that discovers, analyzes, and reports on security vulnerabilities of network-based computers, server, routers,and firewalls. It performs over 1,000 tests on each network node that it discovers. It is built to support the large scale enterprise model that contains over 25,000 nodes. It is approved for operation in the SANS Top Ten and Top 20 environments.

• Company: Advanced Research Corporation
• URL: www-arc.com
• Email: info@arc.com

• Users' Rating: 3.5 [4 votes] - Vote
• Comments: 0 comments - Post

Infiltrator Network Security Scanner Listing updated: October 12, 2003

Infiltrator is a network security scanner that can quickly audit your network computers for possible vulnerabilities, exploits, and information enumerations. It comes with a built-in database of known vulnerabilities, that can be updated online and allows you to select the items to scan for or to add custom entries to be included. Infiltrator can reveal and catalog a variety of information, including installed software, shares, users, drives, hotfixes, NetBios and SNMP information, open ports and much more. It can also audit password and security policies, perform HTTP/CGI server auditing, registry auditing In addition, Infiltrator also comes with 18 network utilities for footprinting, scanning, enumerating and gaining access to machines (ping sweep, whois lookups, email tracing, share scanning and more). The program can be run from the commandline, allowing for external scheduling and automated scanning.

• Company: Infiltration Systems
• URL: www.infiltration-systems.com
• Email: support@infiltration-systems.com
• Screenshot: click here
• Price: $195.95

• Users' Rating: 3 [2 votes] - Vote
• Comments: 0 comments - Post

SecurityEXPERT - Policy-Driven Vulnerability Management Listing updated: May 2, 2005

SecurityEXPERT brings recommendations together in a view where it is easy for the systems administrator to set a security policy without conflicts. Users can review the recommendations based on selected machine configurations and create settings policy based on those recommendations. While patching is important, best practices for System Vulnerability Management dictate creating a security policy, enforcing the policy and routinely auditing machines.

SecurityEXPERT uses a policy-based approach where security settings are presented in templates that encapsulate a variety of third party recommendations. You can review these recommendations and create your settings policies based on them. You can then audit, enforce and report on managed machines with respect to their assigned policies.

• Company: St. Bernard Software
• URL: www.stbernard.com
• Email: info@stbernard.com
• Screenshot: click here

• Users' Rating: no votes - Vote
• Comments: 0 comments - Post