Network Monitoring Software Exploit Reviews

Showing reviews of the top ranking products in Network Monitoring Software, containing the term Exploit
Tenable SecurityCenter Continuous View: Exploit
Director - Information Risk Management at a consultancy with 1,001-5,000 employees

My advice isn't vendor-specific, it's much more agnostic. Whoever is looking for a new solution for vulnerability management or configuration management, needs to ensure that they take their time. Develop a strong RFP process that's objective and quantitative and removes bias. Then, perform a well-thought-out PoC and let the data speak for itself. For me, it's extremely important that when you're planning on spending millions of dollars, or making a large purchase, that you remove any emotion or bias. You take the relationships out of the picture, and you let the best product win, given a certain use case.

In terms of Tenable focusing our resources on vulnerabilities which are most likely to be exploited, I can't say yes or no. One of the functions our team has is to focus on vulnerability research and emerging threats, and that was before there was ever a plugin created for Tenable. The team is actually really proactive in identifying vulnerabilities through manual research. That's where a lot of the critical stuff comes from. We'll find something critical before the scanning vendors even have a check for it.

The output of Tenable is used by dozens of folks, primarily engineers. Tenable itself, as a platform, is used by 15 or 20 folks. Most of them are vulnerability analysts and some of them are platform engineers. There are a dozen or so executive leaders who reference Tenable's data, as well. We built some 50 dashboards, tailored to a given audience, so that they can see near real-time results. For example, our CIO has an enterprise goal of reducing X percent of vulnerabilities in our enterprise, so we've built out specific dashboards reflecting all of that work. Maintenance of the product requires one person, and it's not a full-time position. For deployment, I had two people, who are security analysts. I actually did not need software engineers to do it.

We're using Tenable very extensively. Some of the feedback I got from Tenable this week is that we're actually one of their more mature clients. And we are expanding our usage. Our company was procured in early December last year, and we'll be expanding not only the scope of what we currently use but also increasing some of the functionality.

For traditional, network-based vulnerability management, I would rate Tenable a nine out of ten. For dynamic application scanning, it's a two out of ten. Overall, I'd put Tenable at a seven out of ten, which is still definitely higher than any of the other technologies that operate in the market. I think this segment of the market is a bit confused. There are too many companies looking to be a silver-bullet and own it all, and their strategy is a bit confused.

Senior Information Technology Security Engineer at an insurance company with 10,001+ employees

SecurityCenter enables us to find all the vulnerabilities, export that data, prioritize it, and address the highest-risk vulnerabilities. That is definitely the main goal of the tool and it wouldn't be possible without the scanning technology accurately assessing the environment. 

It helps to limit our cyber exposure because every time we identify one of the exposed or high-risk vulnerabilities and enclose that, or address it, it reduces the overall exposure. This solution is just one tool in the whole chain that helps accomplish that. It is a very critical component, but it's not doing it in a vacuum.

The scanning helps us focus resources on the vulnerabilities that are most likely to be exploited. We're just starting to look into doing the compliance policies. That will be the next step. Right now, we're reactive, addressing vulnerabilities that are detected. We'd like to identify misconfigurations upfront, address those to speed things up, and reduce the resource cost. If you let a bad image go out to production, and deploy it on 50 systems, you have 50 tickets instead of a single place to fix it. That's what we're looking to leverage next.

In terms of financial value, within PCI compliance especially, if you don't have a scanner in place or you're not conducting PCI scans, you can't participate in the credit industry and accept credit cards. That's a requirement and a role that Tenable fills, one that must be addressed through regulation. We are also subject to GRC and a couple of others which are directly addressed, or a component of them is addressed, through Tenable and scans that it runs.

Plixer Scrutinizer: Exploit
reviewer1249062 says in a Plixer Scrutinizer review
Network Manager at an energy/utilities company with 5,001-10,000 employees

We have tried to extract a map of data flow information, but I think we have to use a JSON query with API in order to query Scrutinizer to pull out some information in order to make some correlation with other third-party tools. We never had the opportunity to do this. It is something that would be nice to do, but it's very labor intensive.

I really would like to exploit the metadata to match it with other applications using the API, but this is not yet available. I'm not sure that we'll go that way because of all the work that we have to do in order just to extract the metadata from Scrutinizer. We'll have to correlate with all the information from other systems. For that reason, I'm not sure it's going to happen. It will be very interesting though.

I would like them to improve the update process. It's so complicated now that it switched to Linux. This makes the server more stable because before we were running it on Windows. The fact that they use Linux is very good and makes it more stable. However, updates never happen in one day or on our own. So, every time we need to call Plixer to proceed with the update, and they are very efficient in that. However, if they could make it a bit easier to upgrade, e.g., a click from the web interface to update the system, this would be nice.

For updating the Scrutinizer platform, when we have the actual data, it never happens in one day. Every time we have the data, we are obliged to install a new server in order to integrate the old data, and every time it has a problem. Most of the time, we were obliged to scrap all the data because we couldn't transfer it to the new server. So, it would be very good if they could improve this part.

Concerning the NetFlow, we have encountered many issues with some routers that don't send proper tickets. All the time, we're obliged to log on to SSH and run pcap. Pcap is just the packet capture. We are obliged to enter into the Linux to run some pcap on the command line, which is not great. It would be very nice if they integrated the pcap features through the web in order to analyze them. It's very easy. Most of the tools that we're using, and that are on the market, provide this feature. It would be great if Plixer integrated the pcap functionality through the web interface without having to enter into the Linux system.

The security part could also be improved. It would be great if they could implement a better algorithm inside the Scrutinizer to detect if there were attacks. The current algorithm to check if there has been a DNS attack is very light.
