RE: Qualys

From: Marc Maiffret (mmaiffret@eeye.com)
Date: Tue Feb 14 2006 - 05:11:51 EST

• Next message: c.ehlen@bull.de: "RE: pushing exploits through the Firewall"
• Previous message: Carl-Johan Bostorp: "SV: thc-pptp-bruter problem?"
• Maybe in reply to: DWreck: "RE: Qualys"
• Next in thread: pro_logos@hotmail.com: "Re: RE: Qualys"
• Maybe reply: pro_logos@hotmail.com: "Re: RE: Qualys"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

> -----Original Message-----
> From: Byron Sonne [mailto:blsonne@rogers.com]
> Sent: Tuesday, February 07, 2006 4:57 PM
> To: Mark Teicher
> Cc: Michael Gargiullo; pen-test@securityfocus.com
> Subject: Re: Qualys
<snip>
> We're not huge exploit discoverers like eEye and whatnot, so
> without that rock-star factor there isn't as much press.

Your right about not being rock-stars but much more importantly your
right about not being proactive in vulnerability research. And if you
understood the true value that proactive vulnerability research brings
to customers then you would not write it off with an attempt at
belittling it as "they get more press than us", which yes again, your
right.

> also tend to deal with larger companies (some have 16 million
> nodes), nor do we offer a bunch of one-off point-and-click
> single-PC or small network scanning tools.

Ahh classy... So now by virtue of dealing with large customers it means
you should not release free scanning tools, because yah that means you
couldn't possibly build enterprise software. I personally like the fact
that small organizations such as the entire United States Department of
Defenese have chosen to standardize on eEye Digital Security for
vulnerability management, all while we've released free scanning tools
for IT administrators.

But then I am sure I have taken your inert jabs the wrong way and they
don't exist as 80% of the people behind the hotmail/gmail accounts that
respond to these product vendor threads.

Honestly though who throws a shoe,

Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9329
http://eEye.com/Blink - End-Point Vulnerability Prevention
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: c.ehlen@bull.de: "RE: pushing exploits through the Firewall"
• Previous message: Carl-Johan Bostorp: "SV: thc-pptp-bruter problem?"
• Maybe in reply to: DWreck: "RE: Qualys"
• Next in thread: pro_logos@hotmail.com: "Re: RE: Qualys"
• Maybe reply: pro_logos@hotmail.com: "Re: RE: Qualys"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:31 EDT