Scanner + Exploit
August 04, 2008
$2,695 for a Class C network
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Vulnerability/penetration testing in one easy-to-use product.
- Weaknesses: Available only for Linux or Mac architectures.
- Verdict: We were really pleased to see how well this workhorse has matured over the years. It came within a hair of being our Recommended product.
Saint Scanner and Saint Exploit 6.7.11 are two great tools wrapped up to work together to provide an in-depth view of vulnerabilities throughout a network. To be sure of total security risk, the integration of these products allows for not only vulnerability assessment, but also the attempt at exploiting those vulnerabilities. While the Scanner uncovers the vulnerabilities, it is Exploit that is the true star of this combination. Exploit can run various exploits remotely, locally and through an already compromised target onto others throughout the network.
We found this product to be quite easy to use. Installation is done on a Linux platform, but we found we did not have to be Linux experts to run it. The installation steps really were the only command-based piece of this product, and the documentation outlined these step quite well.
Once installed, all of the administration is done through an intuitive GUI, with simple tab top navigation. We also found that these products were very well integrated with each other in the same interface, so there was no bouncing back and forth between them.
This product performed nicely in our test environment. After scanning was complete, we found that creating reports was quick and easy with Saintwriter. These reports gave an excellent amount of detail in a nice easy to read format. It is also possible to view results quickly in the GUI itself, and all the results can be organized by severity, name or host.
Documentation comes in the form of a single PDF document. This guide includes all the necessary installation requirements and tasks, as well as a great amount of detail on configuring and using the product. We found this documentation to be well organized. However, we would have liked screen shots for easier understanding.
Saint includes eight hours a day/five days a week phone and email technical support, while 24/7 support can be purchased for 10 percent of the list price.
At just under $2,700, this solution is a good alternative, or addition to, an already existing penetration tool for almost any size environment. It combines an easy-to-use look and feel with some highly comprehensive testing ability.
SC Magazine Articles
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- Spearphishing attack nets $495K from investment firm
- Updated: Gmail, Yahoo email credentials among millions found on the dark web
- Report: Ransomware feeds off poor endpoint security
- Organizations need formal vendor risk management programs, study
- 2.5K Twitter accounts hacked to spread links to adult content
- Study: Federal agencies still lack strong cyber hygiene practices
- Petya and Mischa - the Ransomware Twins (sort of)
- Bad guys update ransomware DMA Locker with version 4.0
- Lieu, Hurd urge colleagues to use encryption, improve cyber hygiene