big daddy fatsacks
2[H]4U
- Joined
- Aug 10, 2001
- Messages
- 2,312
I have a new job as of Monday, and in the job listing it mentioned using Nessus. So I started playing with that over the past week or so. But when I started work I found out they are using ISS as the vulnerability scanner.
In any case, the point is not about whether I know how to use either. I am just curious if anyone out there has used both, and how you feel they compare. I'm a little puzzled as to what great features ISS has that warrant paying buttloads of money for it when Nessus seems to be as powerful as it gets and can be run for free. Or if you subscribe to the direct feed you do indeed need to pay for it, but from what I can tell it's still considerably less than the cost of ISS.
Can anyone provide a comparison? Or, does anyone know where there is a recent article comparing these VA scanners? The most recent I can find are from like 2003 and there has been considerable change since then.
Thanks
In any case, the point is not about whether I know how to use either. I am just curious if anyone out there has used both, and how you feel they compare. I'm a little puzzled as to what great features ISS has that warrant paying buttloads of money for it when Nessus seems to be as powerful as it gets and can be run for free. Or if you subscribe to the direct feed you do indeed need to pay for it, but from what I can tell it's still considerably less than the cost of ISS.
Can anyone provide a comparison? Or, does anyone know where there is a recent article comparing these VA scanners? The most recent I can find are from like 2003 and there has been considerable change since then.
Thanks