Scanner + Exploit
August 04, 2008
$2,695 for a Class C network
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Vulnerability/penetration testing in one easy-to-use product.
- Weaknesses: Available only for Linux or Mac architectures.
- Verdict: We were really pleased to see how well this workhorse has matured over the years. It came within a hair of being our Recommended product.
Saint Scanner and Saint Exploit 6.7.11 are two great tools wrapped up to work together to provide an in-depth view of vulnerabilities throughout a network. To be sure of total security risk, the integration of these products allows for not only vulnerability assessment, but also the attempt at exploiting those vulnerabilities. While the Scanner uncovers the vulnerabilities, it is Exploit that is the true star of this combination. Exploit can run various exploits remotely, locally and through an already compromised target onto others throughout the network.
We found this product to be quite easy to use. Installation is done on a Linux platform, but we found we did not have to be Linux experts to run it. The installation steps really were the only command-based piece of this product, and the documentation outlined these step quite well.
Once installed, all of the administration is done through an intuitive GUI, with simple tab top navigation. We also found that these products were very well integrated with each other in the same interface, so there was no bouncing back and forth between them.
This product performed nicely in our test environment. After scanning was complete, we found that creating reports was quick and easy with Saintwriter. These reports gave an excellent amount of detail in a nice easy to read format. It is also possible to view results quickly in the GUI itself, and all the results can be organized by severity, name or host.
Documentation comes in the form of a single PDF document. This guide includes all the necessary installation requirements and tasks, as well as a great amount of detail on configuring and using the product. We found this documentation to be well organized. However, we would have liked screen shots for easier understanding.
Saint includes eight hours a day/five days a week phone and email technical support, while 24/7 support can be purchased for 10 percent of the list price.
At just under $2,700, this solution is a good alternative, or addition to, an already existing penetration tool for almost any size environment. It combines an easy-to-use look and feel with some highly comprehensive testing ability.
Sign up to our newsletters
SC Magazine Articles
- Microsoft report explores dangers of running expired security software
- Survey: real-time SIEM solutions help orgs detect attacks within minutes
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- Vulnerabilities identified in three Advantech products
- State Department hack may be tied to White House network breach
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard
- Study: Third of employees use company devices for social media and online shopping
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Swedish appeals court nixes Assange's plea
- Critical XSS vulnerability addressed in WordPress
- The Internet of Things (IoT) will fail if security has no context