Vulnerability management tools for COTS software - A comparison

S.M. Welberg, S.M. Welberg

    Research output: Book/ReportReportProfessional

    261 Downloads (Pure)

    Abstract

    In this paper, we compare vulnerability management tools in two stages. In the first stage, we perform a global comparison involving thirty tools available in the market. A framework composed of several criteria based on scope and analysis is used for this comparison. From this global view of the tools, we detected that only three tools perform correlated analysis. Correlated analysis can be done in two ways: (i) correlation of scanning results with the output from other security devices such as firewall and intrusion detection systems, or (ii) correlation between vulnerabilities composing attack scenarios. Although both correlations add value to vulnerability management, the latter is especially important to unveil stepping stones which could be exploited by attackers. The comparison shows that two out of three tools perform correlation of the second type but scalability and the amount of manual input required seems to be their biggest problems.
    Original languageUndefined
    Place of PublicationEnschede
    PublisherInformation Systems (IS)
    Number of pages9
    Publication statusPublished - 21 Feb 2008

    Publication series

    NameCTIT Technical Report Series
    PublisherCentre for Telematics and Information Technology, University of Twente
    No.TR-CTIT-08-15
    ISSN (Print)1381-3625

    Keywords

    • IR-64654
    • METIS-265734
    • EWI-12034

    Cite this

    Welberg, S. M., & Welberg, S. M. (2008). Vulnerability management tools for COTS software - A comparison. (CTIT Technical Report Series; No. TR-CTIT-08-15). Enschede: Information Systems (IS).