Seccubus v1.4.1 released

by

In: Application Scanner , Metrics , Seccubus , Vulnerability Scanner

29 March 2010

Seccubus automates regular vulnerability scans with Nessus and OpenVAS and provides delta reporting.

Why?

Anyone who has ever used Nessus or OpenVAS will be familiar with one of their biggest drawbacks. They a very valuable tools, but unfortunately it is also very noisy. The time needed to report on the findings of a scan will often be two or three times the time needed to do the actual scan. Seccubus was created in order to more effectively analyze the results of regular vulnerability scans of the same infrastructure.

How does it work?

Seccubus runs vulnerability scans at regular intervals and compares the findings of the last scan with the findings of the previous scan. The delta of this scan is presented in a web GUI when findings can be easily marked as either real findings or non-issues. Non issues get ignored until they change. This causes a dramatically reduction a analysis time.

Version 1.4.1

  • Ticket [ 2954813 ] - Parsing of hostnames
  • Ticket [ 2962660 ] - update-nessusrc not comptible with Nessus 4.2
  • Ticket [ 2954186 ] - Still some AutoNessus references

Full description: here

More Information: here

Post scriptum

Compliance Mandates

  • Application Scanner :

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Application Scanner
Metrics
Seccubus
Vulnerability Scanner