Vulnerability Assessment Products

Vulnerability Assessment Products

Product Name

Description

ActiveSentry (Intranode)

Delivers complete security analysis and comprehensive reports including risk assessment and vulnerability analysis. Moreover, it recommends fixes to eliminate uncovered weaknesses. Being a web-based service, ActiveSentry™ requires no installation (neither software, nor hardware) and no training. Only an SSL-compliant browser is needed. Intranode’s exclusive breakthroughs put real power behind ActiveSentry’s™ original components: Security Assessment Engine, Progressive scanning technology, Parallel processing of checks, Intelligent deductive scanning capabilities, Security Assessment Model,
Enhanced risk-assessment technology and Unique security-level analysis.

CA-Examine (Computer Associates)

Helps identify and control MVS security exposures, viruses, trap doors, Trojan horses and logic bombs that can destroy production dependability and circumvent existing security mechanisms. Through the use of expert system techniques and an English-language interface, CA-Examine instantly provides information that is difficult or impossible to obtain from other sources. It also identifies potential problems, makes suggestions and answers questions. CA-Examine supports the new Product Verification Interface (PVI) that establishes traceability of system software products and identifies proper installation requirements for a growing number of Computer Associates systems products. The CA/Examine analysis and display functions save valuable time for data center managers, security administrators, operations people, quality assurance personnel and others who need to know current MVS system options, parameters and status information.

CARP (CERIAS)

Free report summary software. Produces summary output from distributed COPS reports.

Chkpwd (CERIAS)

Free software used to check for easily guessable passwords. Based on the 1988 Internet worm.

Cisco Secure Scanner (Cisco Systems)

An enterprise-class software tool offering superior network system identification, innovative data management, flexible user-defined vulnerability rules, comprehensive security reporting capabilities, and Cisco 24x7 worldwide support. Cisco Secure Scanner is a key component in Cisco's comprehensive network security solutions. NetSonar allows users to measure security, manage risk, and eliminate security vulnerabilities enabling more secure network environments.

COPS (CERIAS)

Free software to automate the process of performing a number of security checks on UNIX systems.

Database Scanner (ISS)

Specifically for protecting database applications via security policy creation, compliance and enforcement. Database Scanner automatically identifies potential security exposures in database systems, ranging from weak passwords to Year 2000 compatibility to Trojan horses. Its built-in knowledge base, directly accessible from easily-understood reports, recommends corrective action for violations and non-compliance. Available for Oracle, Microsoft SQL Server and Sybase databases, Database Scanner facilitates ongoing database security improvement within a familiar ISS Adaptive Network Security framework.

HackerShield (Bindview Development)

Find holes that a hacker will use to break into your network. Find security holes that are created with network changes. Always be up-to-date with the latest security threats. Get detailed, step-by-step instructions for closing security holes. Prepare for a security audit.

Hobgoblin (CERIAS)

Free software that checks for changes in UNIX file attributes.

I.C.U...MVS (Janus Associates)

Determines where access control rules may be set in conflict or where some singular change in the complex structure may have created an exposure. It allows the user to work at either a summary or detail level, quickly determining if any problems might exist, or to "peel back the layers of the onion" down to the actual code level -- becoming more and more detailed, as the situation requires. When an immediate need arises, use the real-time capabilities. When time is no problem, submit a batch job for later.

Inspectorscan (Shavlik Security Technologies)

Exposes real and potential security loopholes that exist in your internal systems. Inspectorscan can scan the system in your enterprise for a wide variety of security flaws. inspectorscan provides the tools to secure your Windows NT enterprise checking for more than 700 items.

Internet Scanner (ISS)

Performs scheduled and selective probes of your network's communication services, operating systems, key applications, and routers in search of those vulnerabilities most often used by unscrupulous threats to probe, investigate, and attack your network. Internet Scanner then analyzes your vulnerability conditions and provides a series of corrective action, trends analysis, conditional, and configuration reports and data sets.

Kane Security Analyst (Intrusion.com)

A network security assessment tool that provides a fast, thorough analysis of network security for Windows NT and Novell NetWare. The KSA compares your network security configuration with industry best practices or your own organizational security policy. In minutes, you can discover your network’s areas of vulnerability and take corrective action. The KSA includes customizable reports that can be compiled into an attractive audit presentation for your management team.

Nessus (Nessus)

Free, up-to-date security scanner.

NetRecon (Axent Technologies)

Executes multiple scans simultaneously to quickly find, analyze and report perimeter and internal security vulnerabilities. NetRecon applies a unique patent-pending technology that operates in a collaborative tiger team approach to reveal hidden threats.

Nfsbug (CERIAS)

Free software that checks for common NFS vulnerabilities.

NMAP (CERIAS)

Free port scanning software.

NTCrack (CERIAS)

Free software to check for weak passwords in Windows NT.

PhoneSweep (Sandstorm Enterprises)

Designed to help organizations detect dial-in modems that can violate your security policy. Many break-ins in recent years have come not through the Internet, but through unauthorized dial-up modems. PhoneSweep lets you find these modems and shut them down before the bad guys use the same modems to break into your systems. PhoneSweep is an important tool for managing increasingly complex telephone systems.

Pmutil (CERIAS)

Free software to detect promiscuous mode interfaces.

Policy Compliance Manager (Computer Associates)

Identifies potential security problems in your system and provides reports and scripts to correct them. It can be customized to generate high-level or very detailed reports, for areas as specific as a single server or as broad as your entire enterprise.

Quickinspector (Shavlik Security Technologies)

Searches out unauthorized Administration Accounts. Hidden accounts may have been set up by employees or contractors, that serve to allow access. Seeks out passwords that are over 30 days old. Locates failures to change passwords regularly, and especially when an employee leaves the company or a contractor service technician changes jobs. Finds dormant accounts that are over 30 days old. Finds and reports these accounts which indicate if someone has left the company and their account remains active.

Retriever (L-3 NetworkSecurity)

Proactive network security management tool that helps you preserve the availability of network services and protect the reliability and confidentiality of critical information. Easy to install, use and maintain, it can be rapidly deployed throughout an organization with minimal effort and cost. Retriever automatically discovers network components, unobtrusively identifies vulnerabilities, provides safeguard and policy recommendations and performs customizable network audits. Unlike other security tools, Retriever helps develop a baseline security level for implementing best-practice security policies that can be monitored and enforced as frequently as desired without jeopardizing network performance.

S10SCAN (CERIAS)

Free port scanning software.

SAM Internet Scanner (Schumann Security Software)

Provides automated security vulnerability detection and analysis for devices on a network and supports the security risk management process from policy development through implementation. In addition, SAM/IS performs scheduled or event-driven probes of network communication services, operating systems, routers, e-mail, Web servers, firewalls and applications to identify weaknesses that could be exploited by intruders to gain access to the network.

SAM System Scanner (Schumann Security Software)

A host-based security assessment system that helps manage network security risks through comprehensive detection and analysis of operating system, application and user-controlled security weaknesses. SAM/S2 identifies potential security exposures by comparing security policy with actual host computer configurations. Potential risks include missing security patches, dictionary-crackable passwords, inappropriate user privileges, incorrect file system access rights, insecure service configurations and suspicious activity that might indicate an intrusion.

SATAN (CERIAS)

Free vulnerability scanning software. Dan Farmer's classic tool.

SARA (Advanced Research Corporation)

Security Auditor's Research Assistant. A third generation Unix-based security analysis tool that is: SANS/ISTS Certified; CVE standards support; Enterprise search module; Sandalone or daemon mode; Free-use open license; Updated twice a month; User extension support; Based on the SATAN model.

SECURED (Computer Associates)

Keeps Netscape, Apache, Sendmail, FireWall-1 and other critical application servers safe from hackers and system vulnerabilities. Pre-configured policies take the guesswork out of security by protecting the critical system and application resources. SECURED's patent-pending STOP (Stack Overflow Protection) technology protects Internet servers from common attacks that threaten uptime, content and configuration.

Sentinel (Subterrain Security Group)

Free software download. The Sentinel project is designed to be a portable, accurate implementation of all publicly known promiscuous detection techniques. Sentinel currently supports 3 methods of remote promiscuous detection: The DNS test, Etherping test, and ARP test. Support for the ICMP Ping Latency test is under development.

SFProtect Mobile (Agilent)

Resides on a laptop computer to provide you with the same scan-and-fix functionality of SFProtect-Server in a portable toolkit for consultants or systems administrators who need a fly-away capability. The comprehensive reporting features allows you to tailor your reports to a variety of audiences that include auditors, IT directors, systems administrators, and corporate executives.

SFProtect Server (Agilent)

Used to build your security policy, scan the server for vulnerabilities, and then automatically fix these vulnerabilities with its convenient and intuitive user interface.

System Scanner (ISS)

Provides host-based security assessment analyzing security weaknesses not visible to network scanning. While the Internet Scanner determines vulnerabilities by scanning devices at the network level, System Scanner detects vulnerabilities internally on the system level through an System Scanner agent resident on network devices. These System Scanner agents allow a security policy to be implemented, managed and controlled across an enterprise from a central point. Each security risk is prioritized by System Scanner based on its relative severity. Once a system has been secured, System Scanner locks down that system's configuration with a digital fingerprint, making it easier to detect unauthorized tampering. System Scanner agents are available for Windows NT and many popular UNIX platforms.

Tiger (CERIAS)

Free system security scanning tool.

Trojan (CERIAS)

Free trojan horse checking program.

VigilEnt Security Agent for AS/400 (PentaSafe)

Simplifies the auditing, implementation and management of security on IBM AS/400 systems. Provides centralized security management for all AS/400 systems. Pinpoints potential security exposures across multiple IBM AS/400s through scheduled audits and security check-up reports. Take corrective action immediately from security assessment reports on-screen with ActiveAudit(tm) Technology. Manage from the VigilEnt Security Manager, the VigilEnt Security Agent for AS/400 Web Browser Interface, or the operating system. Enables centralized user administration across multiple AS/400s. Manage across heterogeneous environments including IBM AS/400, Windows NT, UNIX and Web Servers from a central point of control.

VigilEnt Security Agent for BEA WebLogic Server(tm) (PentaSafe)

Comprehensively assesses the security and enables the lockdown of BEA WebLogic Server deployments. VSA for BEA WebLogic Server is the latest addition to PentaSafe's VigilEnt Enterprise Security Management Solution that audits, secures and detects operating systems, databases, applications and now BEA WebLogic Server.

VigilEnt Security Agent for Databases (PentaSafe)

BrainTree products from PentaSafe are the leading security solution for relational databases used by client/server and Intranet applications. By deploying security at the database level, BrainTree protects mission-critical data from threats regardless of their origin. The BrainTree solution has been designed as a set of integrated components - Password Manager, Database Security Manager, Audit Manager and Policy Manager - that can be deployed individually so that critical requirements may be addressed as needed without slowing down the implementation process. BrainTree's architecture and unique integration with database applications provide for quick installation and simplified support.

VigilEnt Security Agent for UNIX (PentaSafe)

Simplifies the auditing, implementation and management of UNIX security. Consolidates user administration across UNIX systems. Pinpoints potential security exposures in your UNIX environment through scheduled audits and security checkup reports. Managed from the VigilEnt Security Manager or the VigilEnt Security Agent Web Browser Interface. Integrates with VigilEnt Security Manager to provide an enterprise-wide security solution for operating systems, databases, applications, and Web servers.

VigilEnt Security Agent for Web Servers (PentaSafe)

Simplifies the auditing, implementation and management of security on Apache, Netscape, and Microsoft web servers. Monitors and generates alerts if damage is detected to Web site configuration and can automatically roll back to the previous archived version of the site. Reports unauthorized access and security exposures. Simplifies the implementation and management of Web Server security. Guards the contents of the Web site, isolates proprietary information

VigilEnt Security Agent for Windows NT/2000 (PentaSafe)

Simplifies the auditing, implementation and management of Windows NT and Windows 2000 security. Provides centralized security management of your Windows NT systems and domains. Monitors system activity with real time notification of suspicious activity. Pinpoints potential security exposures in your Windows NT environment through scheduled audits. Manages and monitors Windows 2000 and Windows NT 4.0 from a common console. Integrates with VigilEnt Security Manager to provide an enterprise-wide security solution for operating systems, databases, applications, and Web servers.

VigilEnt Security Manager (PentaSafe)

Provides a comprehensive centralized, cross-platform tool for enterprise-wide auditing and security management. VigilEnt Security Manager integrates with VigilEnt Security Agents for Windows NT, AS/400, Solaris, AIX, HP-UX, Linux, and Web servers (Apache, Netscape/iPlanet, and Microsoft IIS).

VSApass (VSApass)

Free password checking tool. VSApass is a freeware password checking tool. It is created for admins, which want to check safety of users passwords in their systems. VSApass use standard brute-force dictionary checking method. Passwords can be automatically enhanced by numbers, have doubled core, be reverse etc. For full possibility of configuration see default config file and read section 4 of this document ("About config file"). VSApass currently support password authenticated methods/protocols: http basic, POP3, FTP. VSApass support now multiprocess operation to check multiple passwords at one time. This feature speed'up verification of passwords. VSApass binary package was compiled and tested in Linux Slackware 7.0 system. It should working on all glibc 2.1.2 or compatible systems. VSApass package include password.txt dictionary, which I found somewhere in Internet. VSApass use "base64.pas" unit (c)1996 Hendrik T.Voelker for code passwords by http basic authentication. This unit is included in source package and is freely available in SWAG.

WebTrends Security Analyzer (WebTrends)

Discovers and fixes the latest known security vulnerabilities on Internet, intranet and extranet hosts. Systems are analyzed on demand or at scheduled intervals, allowing prioritization and comparative reports to be generated including recommended fixes that resolve possible threats. The built-in AutoSync technology seamlessly updates WebTrends Security Analyzer with the latest security tests for the most current vulnerability analysis available.

Whisker (RainForestPuppy)

Freeware CGI scanner.

Vulnerability Assessment Products
Product Name	Description
ActiveSentry (Intranode)	Delivers complete security analysis and comprehensive reports including risk assessment and vulnerability analysis. Moreover, it recommends fixes to eliminate uncovered weaknesses. Being a web-based service, ActiveSentry™ requires no installation (neither software, nor hardware) and no training. Only an SSL-compliant browser is needed. Intranode’s exclusive breakthroughs put real power behind ActiveSentry’s™ original components: Security Assessment Engine, Progressive scanning technology, Parallel processing of checks, Intelligent deductive scanning capabilities, Security Assessment Model, Enhanced risk-assessment technology and Unique security-level analysis.
CA-Examine (Computer Associates)	Helps identify and control MVS security exposures, viruses, trap doors, Trojan horses and logic bombs that can destroy production dependability and circumvent existing security mechanisms. Through the use of expert system techniques and an English-language interface, CA-Examine instantly provides information that is difficult or impossible to obtain from other sources. It also identifies potential problems, makes suggestions and answers questions. CA-Examine supports the new Product Verification Interface (PVI) that establishes traceability of system software products and identifies proper installation requirements for a growing number of Computer Associates systems products. The CA/Examine analysis and display functions save valuable time for data center managers, security administrators, operations people, quality assurance personnel and others who need to know current MVS system options, parameters and status information.
CARP (CERIAS)	Free report summary software. Produces summary output from distributed COPS reports.
Chkpwd (CERIAS)	Free software used to check for easily guessable passwords. Based on the 1988 Internet worm.
Cisco Secure Scanner (Cisco Systems)	An enterprise-class software tool offering superior network system identification, innovative data management, flexible user-defined vulnerability rules, comprehensive security reporting capabilities, and Cisco 24x7 worldwide support. Cisco Secure Scanner is a key component in Cisco's comprehensive network security solutions. NetSonar allows users to measure security, manage risk, and eliminate security vulnerabilities enabling more secure network environments.
COPS (CERIAS)	Free software to automate the process of performing a number of security checks on UNIX systems.
Database Scanner (ISS)	Specifically for protecting database applications via security policy creation, compliance and enforcement. Database Scanner automatically identifies potential security exposures in database systems, ranging from weak passwords to Year 2000 compatibility to Trojan horses. Its built-in knowledge base, directly accessible from easily-understood reports, recommends corrective action for violations and non-compliance. Available for Oracle, Microsoft SQL Server and Sybase databases, Database Scanner facilitates ongoing database security improvement within a familiar ISS Adaptive Network Security framework.
HackerShield (Bindview Development)	Find holes that a hacker will use to break into your network. Find security holes that are created with network changes. Always be up-to-date with the latest security threats. Get detailed, step-by-step instructions for closing security holes. Prepare for a security audit.
Hobgoblin (CERIAS)	Free software that checks for changes in UNIX file attributes.
I.C.U...MVS (Janus Associates)	Determines where access control rules may be set in conflict or where some singular change in the complex structure may have created an exposure. It allows the user to work at either a summary or detail level, quickly determining if any problems might exist, or to "peel back the layers of the onion" down to the actual code level -- becoming more and more detailed, as the situation requires. When an immediate need arises, use the real-time capabilities. When time is no problem, submit a batch job for later.
Inspectorscan (Shavlik Security Technologies)	Exposes real and potential security loopholes that exist in your internal systems. Inspectorscan can scan the system in your enterprise for a wide variety of security flaws. inspectorscan provides the tools to secure your Windows NT enterprise checking for more than 700 items.
Internet Scanner (ISS)	Performs scheduled and selective probes of your network's communication services, operating systems, key applications, and routers in search of those vulnerabilities most often used by unscrupulous threats to probe, investigate, and attack your network. Internet Scanner then analyzes your vulnerability conditions and provides a series of corrective action, trends analysis, conditional, and configuration reports and data sets.
Kane Security Analyst (Intrusion.com)	A network security assessment tool that provides a fast, thorough analysis of network security for Windows NT and Novell NetWare. The KSA compares your network security configuration with industry best practices or your own organizational security policy. In minutes, you can discover your network’s areas of vulnerability and take corrective action. The KSA includes customizable reports that can be compiled into an attractive audit presentation for your management team.
Nessus (Nessus)	Free, up-to-date security scanner.
NetRecon (Axent Technologies)	Executes multiple scans simultaneously to quickly find, analyze and report perimeter and internal security vulnerabilities. NetRecon applies a unique patent-pending technology that operates in a collaborative tiger team approach to reveal hidden threats.
Nfsbug (CERIAS)	Free software that checks for common NFS vulnerabilities.
NMAP (CERIAS)	Free port scanning software.
NTCrack (CERIAS)	Free software to check for weak passwords in Windows NT.
PhoneSweep (Sandstorm Enterprises)	Designed to help organizations detect dial-in modems that can violate your security policy. Many break-ins in recent years have come not through the Internet, but through unauthorized dial-up modems. PhoneSweep lets you find these modems and shut them down before the bad guys use the same modems to break into your systems. PhoneSweep is an important tool for managing increasingly complex telephone systems.
Pmutil (CERIAS)	Free software to detect promiscuous mode interfaces.
Policy Compliance Manager (Computer Associates)	Identifies potential security problems in your system and provides reports and scripts to correct them. It can be customized to generate high-level or very detailed reports, for areas as specific as a single server or as broad as your entire enterprise.
Quickinspector (Shavlik Security Technologies)	Searches out unauthorized Administration Accounts. Hidden accounts may have been set up by employees or contractors, that serve to allow access. Seeks out passwords that are over 30 days old. Locates failures to change passwords regularly, and especially when an employee leaves the company or a contractor service technician changes jobs. Finds dormant accounts that are over 30 days old. Finds and reports these accounts which indicate if someone has left the company and their account remains active.
Retriever (L-3 NetworkSecurity)	Proactive network security management tool that helps you preserve the availability of network services and protect the reliability and confidentiality of critical information. Easy to install, use and maintain, it can be rapidly deployed throughout an organization with minimal effort and cost. Retriever automatically discovers network components, unobtrusively identifies vulnerabilities, provides safeguard and policy recommendations and performs customizable network audits. Unlike other security tools, Retriever helps develop a baseline security level for implementing best-practice security policies that can be monitored and enforced as frequently as desired without jeopardizing network performance.
S10SCAN (CERIAS)	Free port scanning software.
SAM Internet Scanner (Schumann Security Software)	Provides automated security vulnerability detection and analysis for devices on a network and supports the security risk management process from policy development through implementation. In addition, SAM/IS performs scheduled or event-driven probes of network communication services, operating systems, routers, e-mail, Web servers, firewalls and applications to identify weaknesses that could be exploited by intruders to gain access to the network.
SAM System Scanner (Schumann Security Software)	A host-based security assessment system that helps manage network security risks through comprehensive detection and analysis of operating system, application and user-controlled security weaknesses. SAM/S2 identifies potential security exposures by comparing security policy with actual host computer configurations. Potential risks include missing security patches, dictionary-crackable passwords, inappropriate user privileges, incorrect file system access rights, insecure service configurations and suspicious activity that might indicate an intrusion.
SATAN (CERIAS)	Free vulnerability scanning software. Dan Farmer's classic tool.
SARA (Advanced Research Corporation)	Security Auditor's Research Assistant. A third generation Unix-based security analysis tool that is: SANS/ISTS Certified; CVE standards support; Enterprise search module; Sandalone or daemon mode; Free-use open license; Updated twice a month; User extension support; Based on the SATAN model.
SECURED (Computer Associates)	Keeps Netscape, Apache, Sendmail, FireWall-1 and other critical application servers safe from hackers and system vulnerabilities. Pre-configured policies take the guesswork out of security by protecting the critical system and application resources. SECURED's patent-pending STOP (Stack Overflow Protection) technology protects Internet servers from common attacks that threaten uptime, content and configuration.
Sentinel (Subterrain Security Group)	Free software download. The Sentinel project is designed to be a portable, accurate implementation of all publicly known promiscuous detection techniques. Sentinel currently supports 3 methods of remote promiscuous detection: The DNS test, Etherping test, and ARP test. Support for the ICMP Ping Latency test is under development.
SFProtect Mobile (Agilent)	Resides on a laptop computer to provide you with the same scan-and-fix functionality of SFProtect-Server in a portable toolkit for consultants or systems administrators who need a fly-away capability. The comprehensive reporting features allows you to tailor your reports to a variety of audiences that include auditors, IT directors, systems administrators, and corporate executives.
SFProtect Server (Agilent)	Used to build your security policy, scan the server for vulnerabilities, and then automatically fix these vulnerabilities with its convenient and intuitive user interface.
System Scanner (ISS)	Provides host-based security assessment analyzing security weaknesses not visible to network scanning. While the Internet Scanner determines vulnerabilities by scanning devices at the network level, System Scanner detects vulnerabilities internally on the system level through an System Scanner agent resident on network devices. These System Scanner agents allow a security policy to be implemented, managed and controlled across an enterprise from a central point. Each security risk is prioritized by System Scanner based on its relative severity. Once a system has been secured, System Scanner locks down that system's configuration with a digital fingerprint, making it easier to detect unauthorized tampering. System Scanner agents are available for Windows NT and many popular UNIX platforms.
Tiger (CERIAS)	Free system security scanning tool.
Trojan (CERIAS)	Free trojan horse checking program.
VigilEnt Security Agent for AS/400 (PentaSafe)	Simplifies the auditing, implementation and management of security on IBM AS/400 systems. Provides centralized security management for all AS/400 systems. Pinpoints potential security exposures across multiple IBM AS/400s through scheduled audits and security check-up reports. Take corrective action immediately from security assessment reports on-screen with ActiveAudit(tm) Technology. Manage from the VigilEnt Security Manager, the VigilEnt Security Agent for AS/400 Web Browser Interface, or the operating system. Enables centralized user administration across multiple AS/400s. Manage across heterogeneous environments including IBM AS/400, Windows NT, UNIX and Web Servers from a central point of control.
VigilEnt Security Agent for BEA WebLogic Server(tm) (PentaSafe)	Comprehensively assesses the security and enables the lockdown of BEA WebLogic Server deployments. VSA for BEA WebLogic Server is the latest addition to PentaSafe's VigilEnt Enterprise Security Management Solution that audits, secures and detects operating systems, databases, applications and now BEA WebLogic Server.
VigilEnt Security Agent for Databases (PentaSafe)	BrainTree products from PentaSafe are the leading security solution for relational databases used by client/server and Intranet applications. By deploying security at the database level, BrainTree protects mission-critical data from threats regardless of their origin. The BrainTree solution has been designed as a set of integrated components - Password Manager, Database Security Manager, Audit Manager and Policy Manager - that can be deployed individually so that critical requirements may be addressed as needed without slowing down the implementation process. BrainTree's architecture and unique integration with database applications provide for quick installation and simplified support.
VigilEnt Security Agent for UNIX (PentaSafe)	Simplifies the auditing, implementation and management of UNIX security. Consolidates user administration across UNIX systems. Pinpoints potential security exposures in your UNIX environment through scheduled audits and security checkup reports. Managed from the VigilEnt Security Manager or the VigilEnt Security Agent Web Browser Interface. Integrates with VigilEnt Security Manager to provide an enterprise-wide security solution for operating systems, databases, applications, and Web servers.
VigilEnt Security Agent for Web Servers (PentaSafe)	Simplifies the auditing, implementation and management of security on Apache, Netscape, and Microsoft web servers. Monitors and generates alerts if damage is detected to Web site configuration and can automatically roll back to the previous archived version of the site. Reports unauthorized access and security exposures. Simplifies the implementation and management of Web Server security. Guards the contents of the Web site, isolates proprietary information
VigilEnt Security Agent for Windows NT/2000 (PentaSafe)	Simplifies the auditing, implementation and management of Windows NT and Windows 2000 security. Provides centralized security management of your Windows NT systems and domains. Monitors system activity with real time notification of suspicious activity. Pinpoints potential security exposures in your Windows NT environment through scheduled audits. Manages and monitors Windows 2000 and Windows NT 4.0 from a common console. Integrates with VigilEnt Security Manager to provide an enterprise-wide security solution for operating systems, databases, applications, and Web servers.
VigilEnt Security Manager (PentaSafe)	Provides a comprehensive centralized, cross-platform tool for enterprise-wide auditing and security management. VigilEnt Security Manager integrates with VigilEnt Security Agents for Windows NT, AS/400, Solaris, AIX, HP-UX, Linux, and Web servers (Apache, Netscape/iPlanet, and Microsoft IIS).
VSApass (VSApass)	Free password checking tool. VSApass is a freeware password checking tool. It is created for admins, which want to check safety of users passwords in their systems. VSApass use standard brute-force dictionary checking method. Passwords can be automatically enhanced by numbers, have doubled core, be reverse etc. For full possibility of configuration see default config file and read section 4 of this document ("About config file"). VSApass currently support password authenticated methods/protocols: http basic, POP3, FTP. VSApass support now multiprocess operation to check multiple passwords at one time. This feature speed'up verification of passwords. VSApass binary package was compiled and tested in Linux Slackware 7.0 system. It should working on all glibc 2.1.2 or compatible systems. VSApass package include password.txt dictionary, which I found somewhere in Internet. VSApass use "base64.pas" unit (c)1996 Hendrik T.Voelker for code passwords by http basic authentication. This unit is included in source package and is freely available in SWAG.
WebTrends Security Analyzer (WebTrends)	Discovers and fixes the latest known security vulnerabilities on Internet, intranet and extranet hosts. Systems are analyzed on demand or at scheduled intervals, allowing prioritization and comparative reports to be generated including recommended fixes that resolve possible threats. The built-in AutoSync technology seamlessly updates WebTrends Security Analyzer with the latest security tests for the most current vulnerability analysis available.
Whisker (RainForestPuppy)	Freeware CGI scanner.