Monday 31 December 2007

Since we started doing IT security auditing and assessment, we have tested and used tons of tools, utilities and software. A lot of them were discontinued, closed their code, or were simply bought by vendors. But (hopefully), the best are still alive.
Now, at the end of the year 2007, I have become slightly melancholic and decided to release a survey of the most efficient IT security software for auditors, security administrators and pentesters.
However, I deeply believe that every little script or utility written by an individual developer or hacker is a gem. Just take a look at the SourceForge project repositories to be amazed. They will continue to serve us for years to come.
— Happy New Year.
Scoring criteria
This survey was based upon specific criteria, so the classification reflects only our opinion at the moment of writing this article.
| Criteria | Comment |
|---|---|
| Audience Target | IT Auditors, pentesters, IT technical staff, IT Management staff |
| Software features | Built-in features, capabilities and options. |
| Updates and maintenance | Frequency of updates (database, signature, plugins and addons). Maintenance (bug fixes, bug reporters, support...). Future releases and roadmap. |
| Use of standards and metrics | Use of security metrics and standards (CVE, CVSS, XCCDF, OVAL, CPE, SANS TOP20, OWASP...) |
| Reporting | Dashboards, charting and graphing, types of report export (HTML, XML, PDF...) |
| Security-Database Track Popularity | Average of visits and downloads. Based on our internal stats during the year 2007. |
Security Dashboard









