Saturday, May 24, 2008

Freebie: Qualys FreeScan

Qualys offers a free sample scan of a single public facing IP using their QualysGuard software as a service vulnerability scanner. It's worth a try if you're looking at vulnerability scanning products, and is an easy way to take a look at a machine using a commercial scanner.

You can sign up here for a 14 day trial - they'll want to sell you their product, of course:


Qualys provides two related, and quite useful products - PCI scanning, and general vulnerability scanning. Their software as a service approach is different than many, although more companies are adopting it, and it is useful, as it cuts out system and software maintenance costs, and makes scaling easy by simply adding small appliances. You can literally throw a scanner in your briefcase, plug it into a network with outbound network access, and use it. That's pretty neat, particularly for auditors. I really like the ability to have a scanner that doesn't require system hardware and software maintenance. The entirety of the support for the devices is either the Dogbert solution (shut up and reboot!), or having Qualys drop ship you a new one if something fails.

The current implementation does have limitations as you scale up - their hierarchical user and system management definitely needs work, but in my experience, it is one of the best vulnerability scanner systems I've used. Better, system administrators and security operations staffers that I work with have generally found it easier to use, and of course easier to maintain than open source products.

The real gotcha? Qualys prices their product at the high end of the range. That's a hard pill to swallow in small and mid-size environments, but may be justifiable in larger organizations. If you are already using Qualys, their PCI compliance scans are quite reasonable, and may help to allay the cost.

2 comments:

Katty Girl said...

outscan is better

David said...

katty girl - can you offer any reasons why? I haven't seen any reviews of the product. Outpost24's web presence appears limited to their own press releases and website, with no obvious third party coverage such as reviews or user comments.