Scanners: New Nessus Release; New eEye Web Scanner
This must be the new scanners post. Tenable released version 3.2.0 of their popular Nessus vulnerability scanner and eEye enters the arena of web application scanners by releasing Retina Web App Scanner.
Tenable Network Security announced the availability of the new Nessus 3.2.0. This release sure looks promising because it brings quite a few new or improved features. It’s refreshing to see a software release which is not "security-bugs-fixing" driven:
This new major release contains several improvements, including:
- IPv6 support
- Improved control of network bandwidth usage during scanning
- Granular access to control rules to limit users to specific ports and audits
- Improved WMI support
- Full support for the new .nessus file format
The new Retina Web Security Scanner is not exactly a new security tool since it’s a custom version of NT Objectives NTOSpider Web app vulnerability scanner, and is integrated with eEye’s management console, REM.
This release is just a phase of eEye’s plans concerning the Web Scanner. Web security spells big business for eEye which intends to release an appliance-based version of this new scanner, says Morey Haber, vice president of product management at eEye.
If you enjoyed this post, make sure you subscribe to my RSS feed!
Today ArcSight announced that T-Mobile has chosen ArcSight ESM for Security Information and Event Management (SIEM) and Imperva SecureSphere Web Application Firewall won Information Security Magazine "strongest overall offering for application and database security" . Sweet !
When I started this blog, I wanted to offer free insights and reviews of various security tools which could help in mitigating various security risks. I still do, but I realized that technology is not enough. People are still the weakest link in the chain of security custody of information assets.
ScanSafe just launched 
A very short post :
Today I’ve seen the smallest security appliance ever ! The
Ha! Finally there is an official method to tell apart the security minded programmers from the rest of the coder crowd.
I’ve always thought that secure web applications must be built secure and no matter how many patches are released during an application’s life cycle, secure coding and secure code are the fundamental pillars of secure web. 
