Hi, all!We at Umatilla County are looking into the possibility of setting up a vulnerability and risk management solution, and we were wondering what other agencies may be using. We had a demonstration of NeXpose from Rapid7, and were pretty impressed with its capabilities.
Does anyone currently use NeXpose and if so, how did you go about purchasing it? Was it available on a state purchasing contract?
If you use a different system, does it 1) check for vulnerabilities within your network 2) allow you to probe from outside your network3) does it check for holes within web application software and with databases, such as Oracle and MS SQL
Any info would be greatly appreciated, and this might make for good discussion at the upcoming conference.
Thanks! Eric Jensen Umatilla County CIS <http://en.wikipedia.org/wiki/Risk_management> -- Eric Jensen Umatilla County Computer Information Services 216 SE 4th Pendleton, OR 97801 541-278-6261 541-278-5463 (fax)