We want to perform a security check of our Web servers architecture from the outside (Internet external access).
I'm looking for either
- a company providing such a service, please provide recommendations
- a tool that could perform exhaustive checks, without affecting the well-running of the platform
This is something we want to do on a regular basis (every 6 months).
That service or tool should be able to perform hacker-like attacks (but no DOS) in order to ensure we are not vulnerable to known hacking methods (or system not patched etc...).
From serverfault
ring0
-
Nessus or netsparker come to mind if you want to run them yourself. Nessus is the one that most of the Visa CISP compliance companies run.
ring0 : Thanks. Had a look at Nessus home page. It requires a 1,200$ yearly subscription. If anyone has a preference please post it.halp : OpenVAS is a free alternative to Nessus.ring0 : Thanks for the tip.From karmawhore
0 comments:
Post a Comment