Penetration Testing
RE: Best Commercial Vulnerability Scanner Aug 15 2008 08:59PM
Andy Cuff (Talisker) (SecurityLists securitywizardry com)
Hi Danux,
We've spent some time breaking down vulnerability scanners into a variety of
sub categories depending on what you need them to do. From your product
choice you appear to be looking for a Website Scanner; our breakdown is as
follows:

At the top of the tree are Distributed vulnerability scanners, which generally
serve enterprises or managed services where you need to distribute the
scanning engines due to bandwidth constraints etc.
We have listed them here:
http://www.networkintrusion.co.uk/index.php/component/mtree/Scanning-Products/Distributed-Scanners.html

Beneath this would come your network vulnerability scanners, such as Nessus
or Hailstorm (Cenzic)
http://www.networkintrusion.co.uk/index.php/component/mtree/Scanning-Products/Network-Scanners.html

Then you start to get specialised, such as with web testing with products
like your Acunetix product, which I just added to the listing along with SPI
Dynamics, which I now understand to be WebInspect after its acquisition by
HP
http://www.networkintrusion.co.uk/index.php/component/mtree/Scanning-Products/Website-Scanners.html

Database Scanners
http://www.networkintrusion.co.uk/index.php/component/mtree/Scanning-Products/Database-Scanners.html

Watchfire has been acquired by IBM, blue rinsed and integrated into Rational
software quality management solutions. I can't find much reference to it on
the IBM site.

We also have categories for
Active and Passive OS Fingerprinting tools such as nmap and P0F
Network enumerators
Network mappers (enterprise)
Vulnerability Exploiters such as Metasploit and Core

The site is a new reincarnation of our old site; some of the listings are
dated and I need people to rate and review the products. We hope to launch
it properly once it's finished, sometime in September.

Regards

Andy Cuff
Computer Network Defence Ltd
www.networkintrusion.co.uk

>
> We are doing vulnerability testing using SPI Dynamics with
> Mercury Quality Center for defect management, but this tool
> (SPI) is too expensive, and when used with MQC it is too slow.
>
> In the past I have used Acunetix; I think it is faster than SPI
> Dynamics, but I don't know about the price.
>
> Do you know of Gartner, personal experience or another source
> where I can have a comparison between those kinds of products?
> I mean like SPI Dynamics, WatchFire, Acunetix, Cenzic, and so on.
>
> We are looking for cheaper costs, better performance and good
> vulnerability defect management.
>
> Thanks a lot.
>
> --
> Danux, CISSP, OSCP, ISO27001
>
