We use Qualys for PCI vulnerability scanning.
Josh
-----Original Message-----
From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx] On
Behalf Of Michael B Allen
Sent: Friday, February 18, 2011 1:20 PM
To: centos@xxxxxxxxxx
Subject: Recommendation for a Good Vulnerability Scanning
Service?
Hi,
Can someone recommend a good vulnerability scanning service? I just
need the minimum for PCI compliance (it's a sort of credit card
processing certification).
I got a free scan from https://www.hackerguardian.com/ and their scan
reported a number of "Fail" results. I haven't checked them all yet
but most seem to be things for which fixes were backported looong ago
by The Upstream Vendor.
I haven't spoken with the hackerguardian people yet but it would be
nice if I could just say "I'm using CentOS 5.5" and have them factor
that into their report so that I can focus on any real issues. Are
there vulnerability scanning services that are more or less
sophisticated about this?
Thanks,
Mike
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
