[Discuss] External network scanning service

Tom Metro tmetro+blu at gmail.com
Fri Mar 27 16:28:35 EDT 2015


Matt Shields wrote:
> I'm
> looking for a SAAS that I can add my subnets and they will scan them daily
> and check for open ports and known vulnerabilities, etc and send us a
> report.

I asked a similar question back in June:

http://www.mail-archive.com/discuss%40blu.org/msg09068.html

Although my expectation was that a SaaS solution wouldn't do the job as
some exploits need to be performed on the same network segment, although
so few potential attackers would have that access, a SaaS approach is
probably good enough.

The answer I got back was, "Isn't that what Metasploit is for?"

So why the lack of SaaS offerings? Is it due to technical reasons or
because of fear of liability? (A search did turn up
https://www.qualys.com/; I can't find pricing on their site.)

It sure seems like there ought to be a market for this.

 -Tom

-- 
Tom Metro
The Perl Shop, Newton, MA, USA
"Predictable On-demand Perl Consulting."
http://www.theperlshop.com/



More information about the Discuss mailing list