I have used Pedestal's SecurityExpressions
extensively. I wouldn't classify it as an ESM System,
but I could classify it as a System Evaluator /
Vulnerability Assesser.
I like to use it in addition to STAT, ISS, and Nessus,
because I use those to scan for vulnerabilities and
use their "research" then I will update a
SecurityExpressions file to reflect the latest
changes.
It is also good in environments where the InfoSec
department will need to scan the network to identify
problem sites.
It is probably the best tool that I have in my tool
kit right now. It is easily scriptable, and
automatable. The reporting is just ok, but it will
output to your favorite ODBC DSN so you could write
your own reports.
Let me know if you need anything else.
Regards,
Chris
--- TG <vze3nmhv (at) verizon (dot) net [email concealed]> wrote:
> Has anyone used Pedestal SecurityExpressions?
> Opinions? Comparison to ESM?
>
> ----- Original Message -----
> From: "Nicole Curcio" <default (at) nik2 (dot) com [email concealed]>
> To: <focus-ms (at) securityfocus (dot) com [email concealed]>
> Sent: Thursday, March 18, 2004 9:20 AM
> Subject: RE: security tools
>
>
> > Another similar tool is Symantec's Enterprise
> Security Manager (ESM).
> > We've had Bindview and ESM both in our environment
> for several years and
> > each has it's own specialties. We are also in the
> process of reviewing
> > CA's Policy Compliance in comparison to ESM. I
> personally like the
> > functionality of ESM better from what I've seen so
> far, but there are
> > quite a few things you can do with Bindview that
> ESM does not do.
> > -nicole
> >
> > -----Original Message-----
> > From: Barrett, Andy
> [mailto:andy.barrett (at) rma.usda (dot) gov [email concealed]]
> > Sent: Wednesday, March 17, 2004 12:45 PM
> > To: focus-ms (at) securityfocus (dot) com [email concealed]
> > Subject: RE: security tools
> >
> > There's similar software made by Ecora (Auditor)
> and CA (Policy
> > Compliance) that you can take a look at. We
> demoed the offerings from
> > NetIQ, BindView, Ecora, and CA in this area, and
> are in the process of
> > making a decision regarding which software to
> ultimately purchase. Each
> > one is good in it's own right, and does a very
> good job in auditing the
> > various aspects of LDAP Directories and servers.
> The main differences
> > we've found, besides price, are in the reporting
> and the detail of data
> > audited by the software, i.e. some will pull the
> membership in a group,
> > others will only pull information on the group
> itself. Good luck!!!
> >
> > Andy
> >
> > -----Original Message-----
> > From: Augusto Quadros Paes de Barros
> > [mailto:augusto (at) paesdebarros.com (dot) br [email concealed]]
> > Sent: Tuesday, March 16, 2004 7:12 AM
> > To: focus-ms (at) securityfocus (dot) com [email concealed]
> > Subject: security tools
> >
> > Greetings,
> >
> > I'd like to hear about tools like BindView -
> BVControl and NetiQ - VSM /
> > FSA. Are there any other alternatives that people
> from the list
> > know/use?
> >
> >
> > Regards,
> >
> > Augusto Paes de Barros
> > http://www.paesdebarros.com.br
> >
> >
> >
>
------------------------------------------------------------------------
> > ---
> > Free 30-day trial: firewall with virus/spam
> protection, URL filtering,
> > VPN,
> > wireless security
> >
> > Protect your network against hackers, viruses,
> spam and other risks with
> >
> > Astaro Security Linux, the comprehensive security
> solution that combines
> > six
> > applications in one software solution for ease of
> use and lower total
> > cost
> > of ownership.
> >
> > Download your free trial at
> >
>
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
> >
>
------------------------------------------------------------------------
> > ---
> > Free 30-day trial: firewall with virus/spam
> protection, URL filtering,
> > VPN,
> > wireless security
> >
> > Protect your network against hackers, viruses,
> spam and other risks with
> >
> > Astaro Security Linux, the comprehensive security
> solution that combines
> > six
> > applications in one software solution for ease of
> use and lower total
> > cost
> > of ownership.
> >
> > Download your free trial at
> >
>
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
> >
>
------------------------------------------------------------------------
> > ---
> >
> >
> >
> >
> >
> >
>
------------------------------------------------------------------------
--
> -
> > Free 30-day trial: firewall with virus/spam
> protection, URL filtering,
> VPN,
> > wireless security
> >
> > Protect your network against hackers, viruses,
> spam and other risks with
> > Astaro Security Linux, the comprehensive security
> solution that combines
> six
> > applications in one software solution for ease of
> use and lower total cost
> > of ownership.
> >
> > Download your free trial at
> >
>
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
> >
>
------------------------------------------------------------------------
--
> -
> >
>
>
>
------------------------------------------------------------------------
---
> Free 30-day trial: firewall with virus/spam
> protection, URL filtering, VPN,
> wireless security
>
> Protect your network against hackers, viruses, spam
> and other risks with
> Astaro Security Linux, the comprehensive security
> solution that combines six
> applications in one software solution for ease of
> use and lower total cost
> of ownership.
>
> Download your free trial at
>
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
>
------------------------------------------------------------------------
---
>
=====
Chris Burton
RedEyeTek
(240) 793-9123 (Mobile)
164*117*53660 (Nextel Direct Connect)
__________________________________
Do you Yahoo!?
Yahoo! Finance Tax Center - File online. File on time.
http://taxes.yahoo.com/filing.html
Protect your network against hackers, viruses, spam and other risks with
Astaro Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost
of ownership.
Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
------------------------------------------------------------------------
---
extensively. I wouldn't classify it as an ESM System,
but I could classify it as a System Evaluator /
Vulnerability Assesser.
I like to use it in addition to STAT, ISS, and Nessus,
because I use those to scan for vulnerabilities and
use their "research" then I will update a
SecurityExpressions file to reflect the latest
changes.
It is also good in environments where the InfoSec
department will need to scan the network to identify
problem sites.
It is probably the best tool that I have in my tool
kit right now. It is easily scriptable, and
automatable. The reporting is just ok, but it will
output to your favorite ODBC DSN so you could write
your own reports.
Let me know if you need anything else.
Regards,
Chris
--- TG <vze3nmhv (at) verizon (dot) net [email concealed]> wrote:
> Has anyone used Pedestal SecurityExpressions?
> Opinions? Comparison to ESM?
>
> ----- Original Message -----
> From: "Nicole Curcio" <default (at) nik2 (dot) com [email concealed]>
> To: <focus-ms (at) securityfocus (dot) com [email concealed]>
> Sent: Thursday, March 18, 2004 9:20 AM
> Subject: RE: security tools
>
>
> > Another similar tool is Symantec's Enterprise
> Security Manager (ESM).
> > We've had Bindview and ESM both in our environment
> for several years and
> > each has it's own specialties. We are also in the
> process of reviewing
> > CA's Policy Compliance in comparison to ESM. I
> personally like the
> > functionality of ESM better from what I've seen so
> far, but there are
> > quite a few things you can do with Bindview that
> ESM does not do.
> > -nicole
> >
> > -----Original Message-----
> > From: Barrett, Andy
> [mailto:andy.barrett (at) rma.usda (dot) gov [email concealed]]
> > Sent: Wednesday, March 17, 2004 12:45 PM
> > To: focus-ms (at) securityfocus (dot) com [email concealed]
> > Subject: RE: security tools
> >
> > There's similar software made by Ecora (Auditor)
> and CA (Policy
> > Compliance) that you can take a look at. We
> demoed the offerings from
> > NetIQ, BindView, Ecora, and CA in this area, and
> are in the process of
> > making a decision regarding which software to
> ultimately purchase. Each
> > one is good in it's own right, and does a very
> good job in auditing the
> > various aspects of LDAP Directories and servers.
> The main differences
> > we've found, besides price, are in the reporting
> and the detail of data
> > audited by the software, i.e. some will pull the
> membership in a group,
> > others will only pull information on the group
> itself. Good luck!!!
> >
> > Andy
> >
> > -----Original Message-----
> > From: Augusto Quadros Paes de Barros
> > [mailto:augusto (at) paesdebarros.com (dot) br [email concealed]]
> > Sent: Tuesday, March 16, 2004 7:12 AM
> > To: focus-ms (at) securityfocus (dot) com [email concealed]
> > Subject: security tools
> >
> > Greetings,
> >
> > I'd like to hear about tools like BindView -
> BVControl and NetiQ - VSM /
> > FSA. Are there any other alternatives that people
> from the list
> > know/use?
> >
> >
> > Regards,
> >
> > Augusto Paes de Barros
> > http://www.paesdebarros.com.br
> >
> >
> >
>
------------------------------------------------------------------------
> > ---
> > Free 30-day trial: firewall with virus/spam
> protection, URL filtering,
> > VPN,
> > wireless security
> >
> > Protect your network against hackers, viruses,
> spam and other risks with
> >
> > Astaro Security Linux, the comprehensive security
> solution that combines
> > six
> > applications in one software solution for ease of
> use and lower total
> > cost
> > of ownership.
> >
> > Download your free trial at
> >
>
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
> >
>
------------------------------------------------------------------------
> > ---
> >
> >
> >
> >
> >
>
------------------------------------------------------------------------
> > ---
> > Free 30-day trial: firewall with virus/spam
> protection, URL filtering,
> > VPN,
> > wireless security
> >
> > Protect your network against hackers, viruses,
> spam and other risks with
> >
> > Astaro Security Linux, the comprehensive security
> solution that combines
> > six
> > applications in one software solution for ease of
> use and lower total
> > cost
> > of ownership.
> >
> > Download your free trial at
> >
>
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
> >
>
------------------------------------------------------------------------
> > ---
> >
> >
> >
> >
> >
> >
>
------------------------------------------------------------------------
--
> -
> > Free 30-day trial: firewall with virus/spam
> protection, URL filtering,
> VPN,
> > wireless security
> >
> > Protect your network against hackers, viruses,
> spam and other risks with
> > Astaro Security Linux, the comprehensive security
> solution that combines
> six
> > applications in one software solution for ease of
> use and lower total cost
> > of ownership.
> >
> > Download your free trial at
> >
>
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
> >
>
------------------------------------------------------------------------
--
> -
> >
>
>
>
------------------------------------------------------------------------
---
> Free 30-day trial: firewall with virus/spam
> protection, URL filtering, VPN,
> wireless security
>
> Protect your network against hackers, viruses, spam
> and other risks with
> Astaro Security Linux, the comprehensive security
> solution that combines six
> applications in one software solution for ease of
> use and lower total cost
> of ownership.
>
> Download your free trial at
>
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
>
------------------------------------------------------------------------
---
>
=====
Chris Burton
RedEyeTek
(240) 793-9123 (Mobile)
164*117*53660 (Nextel Direct Connect)
__________________________________
Do you Yahoo!?
Yahoo! Finance Tax Center - File online. File on time.
http://taxes.yahoo.com/filing.html
------------------------------------------------------------------------
---
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security
Protect your network against hackers, viruses, spam and other risks with
Astaro Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost
of ownership.
Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
------------------------------------------------------------------------
---
[ reply ]