
E-Commerce Times Talkback


Re: Think Like a Hacker: The Best Scanning Tools
Posted by: Tiernan Ray 2003-08-16 14:28:32

In the world of computer security break-ins, the focus has shifted from alleged hacker masterminds to enterprise shortfalls -- unpatched software, poorly secured firewalls and weak computer passwords. However, vulnerability assessment tools are educating IT admins about how to close holes in networks before a hacker even finds them, let alone plans an attack. With estimates claiming that up to 90 percent of breaches can be avoided, such tools might represent a CIO's best chance to assess the level of security in his or her enterprise and determine how to improve it.

Re: Think Like a Hacker: The Best Scanning Tools
Posted by: Atienza 2003-08-26 14:30:48 In reply to: Tiernan Ray
Pretty good evaluation of the issue, albeit restricted to an IT-centric perspective.
Emphasizing to IT sec staff the importance of pitching others in their organizations on the opportunities/rewards of marketing a site's security status to shoppers has been a very successful sales strategy for us.
Tiernan Ray writes, "In these frugal times, however, sysadmins probably will have to prove that vulnerability assessment products can generate ROI, no matter how smart the purchase seems in principle."
Sysadmins wondering how to justify the cost of vulnerability scanning would do well to spend five minutes visiting http://www.scanalert.com/Merchants?tab=3 to see how more than 30 retail ecommerce sites have reported considerable ROI numbers on their vulnerability scanning investments via ScanAlert's HACKER SAFE certification.
(In the spirit of disclosure, I work for ScanAlert). One of the statements that we make about marrying vulnerability scanning to independent security certification is that without certification, security is an expense; with certification, security is an investment.
HACKER SAFE certified online retailers have collectively analyzed the shopping behavior of more than a million visitors to their respective sites and reported back to us an average sales boost of 15 percent. With that sort of empirical data, certification is clearly one way to justify to a bean counter the cost of vulnerability scanning.

Re: Think Like a Hacker: The Best Scanning Tools
Posted by: metac0m 2003-08-17 20:54:14 In reply to: Tiernan Ray
In addition to the commercial vulnerability scanners mentioned in this article there is a free, open source product called Nessus ( http://www.nessus.org/ ).