
Re: Think Like a Hacker: The Best Scanning Tools
Posted by: Tiernan Ray 2003-08-16 14:28:32

In the world of computer security break-ins, the focus has shifted from alleged hacker masterminds to enterprise shortfalls -- unpatched software, poorly secured firewalls and weak computer passwords. However, vulnerability assessment tools are educating IT admins about how to close holes in networks before a hacker even finds them, let alone plans an attack. With estimates claiming that up to 90 percent of breaches can be avoided, such tools might represent a CIO's best chance to assess the level of security in his or her enterprise and determine how to improve it.

Re: Think Like a Hacker: The Best Scanning Tools
Posted by: Atienza 2003-08-26 14:30:48 In reply to: Tiernan Ray
Pretty good evaluation of the issue, albeit restricted to an IT-centric perspective.
Emphasizing to IT sec staff the importance of pitching others in their organizations on the opportunities/rewards of marketing a site's security status to shoppers has been a very successful sales strategy for us.
Tiernan Ray writes, "In these frugal times, however, sysadmins probably will have to prove that vulnerability assessment products can generate ROI, no matter how smart the purchase seems in principle."
Sysadmins wondering how to justify the cost of vulnerability scanning would do well to spend five minutes visiting http://www.scanalert.com/Merchants?tab=3 to see how more than 30 retail ecommerce sites have reported considerable ROI numbers on their vulnerability scanning investments via Scan Alert's HACKER SAFE certification.
(In the spirit of disclosure, I work for ScanAlert). One of the statements that we make about marrying vulnerability scanning to independent security certification is that without certification, security is an expense; with certification, security is an investment.
HACKER SAFE certified online retailers have collectively analyzed the shopping behavior of more than a million visitors to their respective sites and reported back to us an average sales boost of 15 percent. With that sort of empirical data, certification is clearly one way to justify to a bean counter the cost of vulnerability scanning.

Re: Think Like a Hacker: The Best Scanning Tools
Posted by: metac0m 2003-08-17 20:54:14 In reply to: Tiernan Ray
In addition to the commercial vulnerability scanners mentioned in this article there is a free, open source product called Nessus ( http://www.nessus.org/ ).