I've been using Mantis (which is actually a software bug-tracking system) to
track all the security issues, and it's been working out very well. URL is
http://www.mantisbugtracker.com/
On 4/13/07, xelerated <xelerated@gmail.com> wrote:
> I have a question for the pen test community.
>
> Does anyone have a free (OSS or other) way to take your vuln scan data
> (nessus in this case)
> and do tracking and remediation?
>
> As it sits now, I scan at work atleast 300 machines a month, and my
> monthly list is growing, and will soon include subnets as well.
>
> I used to take the pipe delimited format and run it through excel and
> work with it from there.
> and that worked fine back when I was only scanning 200 a month max but
> its become extremely cumbersome.
>
> Also, if there is no such good tool out there, im no coder, but if
> others out there would like to work on such a project id like to do
> that too.
>
> Thanks!
Kevin Reiter
Senior Security Engineer
Financial Services, Inc.
21 Harristown Road
Glen Rock, New Jersey 07452
(201)652-6000, ext. 588
PGP ID: 0xEE665233
This message may contain confidential or proprietary information and is
intended solely for the individual(s) to whom it is addressed. If you are not
a named addressee you should not disseminate, distribute or copy this e-mail or
act upon the information contained herein. Please notify the sender
immediately by e-mail if you have received this e-mail by mistake and delete
this e-mail from your system.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
|