2020-07-12T14:13:00Z
Ludwing Caviedes - PeerSpot reviewer
VP Innovation and Development at Coinsa SAS

How inadvisable is it to use a single vulnerability analysis tool?

Hi,

I'm a VP of Innovation and Development at a small tech. services company. 

Is it possible that a single vulnerability analysis software does not detect the entire spectrum of threats?

8 Answers
Avraham Sonenthal - PeerSpot reviewer
Senior Network Engineer at a government with 5,001-10,000 employees
Real User
Top 5, Leaderboard
2020-07-13T14:21:23Z

No single product will detect all vulnerabilities. That is why in security we use the concept of "defense in depth". So for example, on the outside of the network, at the Internet/Enterprise edge, we should have a Next Generation Firewall (NGFW). Palo Alto or Cisco Firepower for example. These firewalls contain excellent vulnerability scanners, as well as URL filtering, DLP, antivirus, malicious file blocking, etc. Inside the network you want to protect endpoints with something like Symantec Enterprise Security. And you want to regulate access to switchports and wireless with a NAC, such as Forescout or ISE or Clearpass, among others.

When managing these various products, be sure to turn on all the automation you can. Human eyes are too unreliable and even the best teams will miss something. You also need to be sure to allow the products to drop packets containing threat vectors, send resets to hostile actors, etc.

And it goes without saying that if you don't lock down physical access to your networking equipment your network is toast anyway.

Jairo Willian Pereira - PeerSpot reviewer
Information Security Manager at a financial services firm with 5,001-10,000 employees
Real User
Top 5, Leaderboard
2022-07-11T22:11:29Z

Yes, and this answer is valid for any 'vulnerability analysis software' and company, independently of port/size/tool.

You can use all the tools in the world and still 'not detect the entire spectrum of threats'.

Threats are dynamic and assets (both software and hardware) change every day. More important than a tool (#1 out of #999 on a scoreboard) is your continuous process.

Vladimir Jirasek - PeerSpot reviewer
CEO at Foresight Cyber Ltd
Reseller
Top 5, Leaderboard
2020-07-13T19:14:38Z

Short answer: No. Long one: start with vulnerability assessment for your key systems. These are: a) anything accessible to the Internet, b) your end-user devices (PC, laptops, mobile). To cover these two (and more), I can recommend Qualys which we have been using, designing and managing for 20 years now. Additionally, to really get your external perimeter clean (that includes DNS and email), I strongly recommend Hardenize.

Happy to discuss in more detail as needed.

George Fyffe - PeerSpot reviewer
Vice President at SecureCloudDB
User
2020-07-13T15:17:43Z

You won't find a single tool that will report on all the vulnerabilities that can crop up in your infrastructure. Such a tool would need to cover too many areas (On-Prem or Cloud, Network, Database(s)....). A better approach is to start by assessing what you absolutely must protect to protect your business. Work out what is critical and how it can be compromised. Then select tools to help you mitigate the risks. I would also recommend using tools that give you a Risk Assessment in an easily understood format. Some tools give pages and pages of data and leave you to figure out what it all means. If you are Public Cloud based, I would suggest you use a specialist tool such as SecureCloudDB to keep track of assets as they can spin up and down very quickly in the Cloud... so they can be part of your infrastructure without your knowledge. Equally, if you're not careful, they can come and go before you have had a chance to spot them.
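The two points made so far in this thread (no single scanner reports every finding, and assets that nobody scanned are blind spots rather than clean hosts) can be made concrete by reconciling scanner exports against an inventory. The script below is an added example for this page, not code from PeerSpot or from any vendor named in the answers. The scanner names ("netscan" for a host/network scanner, "appscan" for a web-application scanner), host names, scanned-host lists and findings are all constructed sample data; in practice they would come from each tool's API or CSV export and from the CMDB or cloud API.

```python
"""Reconcile several vulnerability scanners' output against an asset inventory.

Added example for this thread; not code from PeerSpot or any scanner vendor.
Scanner names, host names and findings below are constructed sample data.
"""
from collections import defaultdict
from dataclasses import dataclass

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}


@dataclass(frozen=True)
class Finding:
    asset: str      # hostname or cloud instance id
    vuln_id: str    # normalised id: CVE, or CWE plus location for app findings
    severity: str   # one of SEVERITY_RANK
    scanner: str    # tool that reported it


# Constructed inventory: what the CMDB or cloud API says exists right now.
INVENTORY = {"web-01", "web-02", "db-01", "i-0abc123", "laptop-jdoe"}

# Constructed per-tool list of hosts each scanner actually examined.  Use this,
# not the findings, to decide coverage: a clean host produces no findings.
SCANNED = {
    "netscan": {"web-01", "web-02", "db-01", "laptop-jdoe", "old-app-03"},
    "appscan": {"web-01", "web-02"},
}

# Constructed findings.  Each tool sees only what it is built to see.
SCAN_RESULTS = [
    Finding("web-01", "CVE-2021-44228", "high", "netscan"),      # rated lower by this tool
    Finding("web-01", "CVE-2021-44228", "critical", "appscan"),
    Finding("web-01", "CWE-89:/login", "high", "appscan"),        # SQLi: app scanner only
    Finding("web-02", "CVE-2021-44228", "critical", "netscan"),
    Finding("db-01", "CVE-2019-0708", "critical", "netscan"),     # no web app, appscan never looks
    Finding("laptop-jdoe", "CVE-2020-0796", "high", "netscan"),
    # i-0abc123 is an ephemeral cloud worker that neither scanner has touched.
]


def merge_findings(findings):
    """Dedupe across tools on (asset, vuln_id); keep the highest severity reported."""
    merged = {}
    for f in findings:
        key = (f.asset, f.vuln_id)
        entry = merged.setdefault(key, {"severity": f.severity, "scanners": set()})
        entry["scanners"].add(f.scanner)
        if SEVERITY_RANK[f.severity] > SEVERITY_RANK[entry["severity"]]:
            entry["severity"] = f.severity
    return merged


def unique_to_scanner(findings):
    """Findings only one tool reported: what you would lose by dropping that tool."""
    unique = defaultdict(list)
    for key, entry in merge_findings(findings).items():
        if len(entry["scanners"]) == 1:
            unique[next(iter(entry["scanners"]))].append(key)
    return dict(unique)


def inventory_gaps(inventory, scanned_by_tool):
    """Blind spots in both directions: inventory nobody scanned, and scanned
    hosts the inventory does not know about (stale CMDB or forgotten box)."""
    scanned = set().union(*scanned_by_tool.values())
    return {
        "unscanned": sorted(inventory - scanned),
        "not_in_inventory": sorted(scanned - inventory),
    }


def coverage_summary(inventory, scanned_by_tool, findings):
    merged = merge_findings(findings)
    return {
        "distinct_findings": len(merged),
        "reported_by_multiple_tools": sum(1 for e in merged.values() if len(e["scanners"]) > 1),
        "unique_per_scanner": {s: len(v) for s, v in unique_to_scanner(findings).items()},
        **inventory_gaps(inventory, scanned_by_tool),
    }


if __name__ == "__main__":
    for key, value in coverage_summary(INVENTORY, SCANNED, SCAN_RESULTS).items():
        print(f"{key}: {value}")
```

On the constructed data, only one of five distinct findings is reported by both tools; the SQL injection exists only in the application scanner's output, the RDP and SMB host issues only in the network scanner's, the ephemeral worker `i-0abc123` appears in no scan at all, and `old-app-03` was scanned but is missing from the inventory. Running this reconciliation on every scan cycle is the "continuous process" the answers above describe, as opposed to trusting one tool's dashboard.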

Ram Balaji - PeerSpot reviewer
Pre-sales Engineer at VFM Systems And Services
Real User
2020-07-14T05:40:55Z

No. I think products that work on vulnerability analysis have 2 streams, web application and endpoints/appliances. They don't concentrate on both at the same level. For applications you can look into Fortify and for endpoints/appliances you can try Qualys, Tenable and Rapid7.

MR
User at A Toda Hora S.A
User
2020-07-13T21:45:02Z

It depends on the capabilities and reliability of the vulnerability analysis tool. If the tool has high reliability and a low percentage of false positives and false negatives, it may be appropriate to have a single tool.

KimeangSuon - PeerSpot reviewer
Pre-Sale Consultant at Yip In Tsoi Co., LTD.
Real User
Top 5, Leaderboard
2020-07-15T10:16:22Z

If you mean vulnerability analysis of software or applications, such as static code analysis or for the purpose of SDLC review, I think Checkmarx, Micro Focus or Veracode should currently be considered, if this is your requirement.

Stuart Berman - PeerSpot reviewer
CTO at a tech company with 11-50 employees
Real User
Top 10
2020-07-13T19:33:56Z

What kind of 'vulnerability analysis' tool are you referring to? Static code analysis for code? If so there are a couple of tools that cover most languages pretty well, Checkmarx and Veracode. Or are you looking for vulnerability management tools like Qualys, Tenable or Rapid7?
