The versatile Nessus® vulnerability scanner provides patch, configuration, and compliance auditing; mobile, malware, and botnet discovery; sensitive data identification; and many other features. • With a continuously updated library of more than 60,000 plugins and the support of Tenable’s expert vulnerability research team, Nessus delivers accuracy to the marketplace. Nessus provides multi-scanner support, scales to serve the largest organizations, and is easy to deploy on premise or in the Amazon Web Services (AWS) cloud.
FEATURES • Broad Asset Coverage & Profiling Discovers a wide variety of physical and virtual devices on your corporate network and identifies the operating systems, applications, databases, and services running on those assets. • Mobile Device Auditing Integrates with Apple® Profile Manager, Microsoft® Exchange via Active Directory®, and Good Technology™ Good for Enterprise to provide a comprehensive view of an organization’s mobile/BYOD environment and its vulnerability status.
Botnet/Malicious Process/Anti-virus Auditing Detect known or suspicious malicious processes and botnets. Nessus enhances an organization's anti-virus strategy by red-flagging threats that often slip through the cracks, helping fight malware and advanced persistent threat (APT). • Patch Management Integration Integrates with patch management systems – IBM® Tivoli® Endpoint Manager (TEM) for Patch Management, Microsoft® SCCM, Microsoft® WSUS, Red Hat® Network Satellite Server, and VMware® Go – to retrieve status information for devices being managed by those systems.
Sensitive Content Auditing Performs agentless content audits of Windows- and UNIX-based systems to identify sensitive information (PII - credit cards, SSNs; “Top Secret”; employee data) and adult content. Use Nessus to audit and enforce policies that lower your organization's risk of breach or data loss. • SCADA/Control Systems Auditing Using SCADA plugins available through a partnership with Digital Bond, Nessus scans SCADA devices to find known and newly-discovered vulnerabilities. Nessus also audits compliance with configuration policies and best practices for SCADA environments.
Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS.
Originally released in 1998 by Sourcefire founder and CTO Martin Roesch, Snort is a free, open source network intrusion detection and prevention system capable of performing real-time traffic analysis and packet logging on IP networks. Initially called a “lightweight” intrusion detection technology, Snort has evolved into a mature, feature-rich IPS technology that has become the de facto standard in intrusion detection and prevention. With over 4 million downloads and nearly 400,000 registered users, it is the most widely deployed intrusion prevention technology in the world. • Snort can perform protocol analysis and content searching/matching. It can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. It uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plug-in architecture. Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients. Snort has three primary uses: a straight packet sniffer like tcpdump, a packet logger (useful for network traffic debugging, etc), or a full-blown network intrusion prevention system.
OpenSolaris was an open source computer operating system based on Solaris created by Sun Microsystems. It was also the name of the project initiated by Sun to build a developer and user community around the software. After the acquisition of Sun Microsystems in 2010, Oracle decided to discontinue open development of the core software, and replaced the OpenSolaris distribution model with the proprietary Solaris Express. • Prior to Oracle's moving of core development "behind closed doors", a group of former OpenSolaris developers decided to fork the core software under the name OpenIndiana. The project, a part of the Illumos Foundation, aims to continue the development and distribution of the OpenSolaris codebase.
OpenSolaris is a descendant of the UNIX System V Release 4 (SVR4) code base developed by Sun and AT&T in the late 1980s. It is the only version of the System V variant of UNIX available as open source. OpenSolaris is developed as a combination of several software consolidations that were open sourced subsequent to Solaris 10. It includes a variety of free software, including popular desktop and server software. On Friday, August 13, 2010, details started to emerge relating to the restructuring of the OpenSolaris project, the pending release of the new future commercial version of Solaris, Solaris 11, and how open source community interactions are being adjusted.
FEATURES • The open source OpenSolaris OS contains many new features not available in even the most current Solaris 10 updates, including simplified installation; a familiar, easy-toupdateenvironment; and built-in tools that make it easier to develop and deploy applications that run on a wide range of systems. • The full upgrades planned for every six months will include tools to enable seamless updates to the OS. • To make development more efficient and ensure faster, more consistent deployments, the OpenSolaris OS leverages key features of Solaris that aren’t available in any other operating system, including: • Solaris ZFS. With Solaris ZFS snapshots, you can test your ideas and then roll back to an earlier development point if a problem is discovered. (Solaris ZFS is the default file system for the OpenSolaris OS.) • DTrace. Dtrace provides pervasive observability to accelerate application development and optimization of Apache/MySQL/ PHP (AMP) and MySQL/Apache/Ruby/ Solaris (MARS) stacks • Solaris Containers. Solaris Containers technology lets you simulate and debug distributed applications in multiple zones and test multiple application server versions in identical environments, ensuring that applications can be deployed on a wide range of systems from single CPU through multi-CPU multicore systems. • Predictive Self Healing. This unique feature automatically diagnoses, isolates, and aids in recovery from hardware and application faults, enabling services to remain available in the face of catastrophic component, software, or configuration problems.
ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high performance mutli-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates. The core ClamAV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats. The core ClamAV library is utilized in Immunet 3.0, powered by ClamAV, which is a fast, fully featured Desktop AV solution for Windows.
features • command-line scanner • fast, multi-threaded daemon with support for on-access scanning • milter interface for sendmail • advanced database updater with support for scripted updates and digital signatures • virus scanner C library • on-access scanning (Linux® and FreeBSD®) • virus database updated multiple times per day (see home page for total number of signatures) • built-in support for various archive formats, including Zip, RAR, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others • built-in support for almost all mail file formats • built-in support for ELF executables and Portable Executable files compressed with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE, Y0da Cryptor and others • built-in support for popular document formats including MS Office and MacOffice files, HTML, RTF and PDF