Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Is the plain vanilla vulnerability assessment scanner dead?

assessment dead plain scanner Vanilla vulnerability
0
Posted

Is the plain vanilla vulnerability assessment scanner dead?

0 CommentsAdd a Comment

1 Answer

0

Vulnerability assessment tools aren’t just for scanning devices and spitting out a list of vulnerabilities anymore: VA tools are now being bundled with configuration management, policy, and penetration testing functions. Some vendors, like StillSecure, even envision VA eventually becoming part of the network access control (NAC) equation. “It’s definitely not dead,” says Ron Gula, CEO of Tenable Network Security, which sells the popular Nessus vulnerability scanner. “There are people who scan several million IP addresses per day, and penetration testers are still using it [the vulnerability assessment tool]. If VA scanning were dead, we wouldn’t have 80,000 people downloading us as plug-ins.” But Gula admits that VA, including Nessus, is evolving. Aside from pinpointing vulnerabilities, Nessus also enumerates all hosts and devices connected to Web services, SNMP, and other network services, he says. The trouble with merely finding vulnerabilities with a VA scan is each vulnerability do

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.