Linux vulnerability Management
Discussion
Hi,
Currently I use Qualys Community Edition to scan our internal development servers (about 15 servers) for Linux vulnerabilities and make sure that we've got the "important" patches covered.
Qualys community edition is a time based trial that is soon to expire.
Can anyone suggest any open source options ?
Ta
BS
Currently I use Qualys Community Edition to scan our internal development servers (about 15 servers) for Linux vulnerabilities and make sure that we've got the "important" patches covered.
Qualys community edition is a time based trial that is soon to expire.
Can anyone suggest any open source options ?
Ta
BS
The default answer here used to be OpenVAS, but it looks like GreenBone have done us over and now the free edition is a "14 day trial". No experience of anything else in the community (FYI, we resell Tenable and offer a managed VM service). It'd be a major faff to install AlienVault just for its free scanning, but you'd get some other goodies as well and it's available as a freebie with other cut down features.
toastyhamster said:
The default answer here used to be OpenVAS, but it looks like GreenBone have done us over and now the free edition is a "14 day trial". No experience of anything else in the community (FYI, we resell Tenable and offer a managed VM service). It'd be a major faff to install AlienVault just for its free scanning, but you'd get some other goodies as well and it's available as a freebie with other cut down features.
Yes 2 years ago or so I used to use the Community Edition of OpenVAS, but various customers use Qualys and it was difficult to compare Vulnerability priorities between the 2 products so I ditched OpenVAS for Qualys. I suspect I'll live to regret that.Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff