From: Román Ramírez (rramirez@chasethesun.es)
Date: Wed Apr 21 2004 - 05:31:14 EDT
Hello,
About Retina I must say that is one of the best audit tools I have
used...
False positives are AND WILL BE in the market and in every security
tool, and Languard is not the best example about not-having false
positives (in my experiencie every network device I test has SNMP public
community as GFI shows :) )
I don't know if you are a final customer or a consultant, but one of the
auditor's tasks is to verify vulnerabilities and remove false positives
(and try to get more info about false negatives).
I know a lot about Netrecon, about the (deceased) cybercop, nessus and
newt, sara, saint, and for my experience I will take Retina and Nessus
without any doubt, efficience and productivity.
About your comments about the company, well, they are one of the best
security companies (for my experience @stake, eeye, bindview) and they
have a BIG customer support department, and of course, check if Nessus
has the same "customer support" (mailing lists that of course you can
find in eEye Web site too).
I have a deep experience with eEye in big projects and I know some
customers that are very happy with their tools (my own company in top of
the list).
Hope this helps
-- Roman Ramirez Director General Chase The Sun +34 609 490 156 mailto:rramirez@chasethesun.es http://www.chasethesun.es > -----Mensaje original----- > De: clarke-cummings@columbus.rr.com > [mailto:clarke-cummings@columbus.rr.com] > Enviado el: martes, 20 de abril de 2004 16:37 > Para: pen-test@securityfocus.com > Asunto: Why eEye Retina (was MBSA scanner) > > > Hello Everyone, > > We recently began evaluating eEye's Retina product for our > vulnerability assessment tool. We have found the results to > be very inconsistent, showing us vulnerable to issues that > have been patched. We've verified the patches manually, with > MBSA, HFNETCHK, and LanGuard. eEye didn't have a good answer > as to why the results were so inconsistent. Any guesses? > > Also, how is their support response for those that are > customers? As a trial customer they aren't a very impressive > organization. > > Thanks in advance for the help. > > Cheers, > Clarke > > -------------------------------------------------------------------- > mail2web - Check your email from the web at http://mail2web.com/ . > > > > -------------------------------------------------------------- > ---------------- > Ethical Hacking at the InfoSec Institute. Mention this ad and > get $545 off any course! All of our class sizes are > guaranteed to be 10 students or less to facilitate one-on-one > interaction with one of our expert instructors. Attend a > course taught by an expert instructor with years of > in-the-field pen testing experience in our state of the art > hacking lab. Master the skills of an Ethical Hacker to better > assess the security of your organization. Visit us at: > http://www.infosecinstitute.com/courses/ethical> _hacking_training.html > -------------------------------------------------------------- > ----------------- > > ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:52 EDT