QUESTION(S):
reply to a minimum of two classmates’ posts and analyze their choices of vulnerability scanners to determine the effectiveness of their resolutions. Be sure you elaborate on access points and ability to customize options to meet existing network configurations.
Each response must be substantive and advance the discussion while focusing on concepts related to the materials in this module.
PEER POST # 1
choose Nmap Scripting Engine or Nmap’s NSE for short. I usually use just the plain ole –script tag and use any number of the NSE scripts Nmap offers. For this discussion, there is nothing that compares to nmap when considering cost and granularity/control one has over there scans. Apart from writing custom scripts in python to test for specific vulns based on custom banner grabbers and custom port scanners, Nmap does it all from one simple cmdline interface. may be a bit biased as I spent a lot of time learning nmap and its different functionalities which is why I feel so comfortable and confident in saying that from a cost benefit analysis and overall functionality, Nmap is the best hands down. It has just had decades of knowledge and functionality poured into its development via its opensource nature. Just for a bit of insight in the past month there have been 146 additions and 3447 deletions and 15 files changed. (nmap, 2025)This project is very active and is constantly being updated and it also gives you the ability to add your own custom NSE scripts for custom scans. It is really a no brainer for me to choose nmap as any problem I have ever had is promptly solved and bugs addressed. This is a lot to ask of the developers of paid scanners as they have bigger clients who are “more important” than someone like me submitting an issue or pull request. Although paid scanners generally come with a beautiful GUI and nice colors, its nothing to get use to the output of nmap via the cmdline and you can always use the –stylesheet argument to create a beautiful output but may have trouble viewing it on a different machine than the one that ran the scan unless the other machine has the same nmap.xsl file. (Nmap Network Scanning, 2025) Although, with a bit of preparation seems to be as simple as converting the xml to html using xsltproc so long as you have the nmap-bootstrap.xsl stylesheet downloaded already or it seems that you can just embed the stylesheet via an href within the xml document and that should suffice as well. (Github, 2018)
PEER POST # 2
Tenable Nessus is a really well-regarded vulnerability scanner. It’s known for its comprehensive scanning, covering everything from network and endpoint vulnerabilities to server vulnerabilities (Tenable, n.d.). I think the detailed reports it generates, showing the severity and potential impact of vulnerabilities, are super helpful for organizations like mine to figure out what to fix first. The fact that it can continuously monitor and integrate with other security tools is a big plus too, and it helps with keeping a strong security posture.
One thing that really makes Nessus stand out is how many assets it covers and how in-depth its vulnerability research is. It scans a huge range of assets and applications, and their team is constantly updating the vulnerability database with new threats, even zero-day vulnerabilities. Plus, the flexible pricing is great – it makes it accessible to both small businesses and large enterprises. For smaller organizations or even individual use, the subscription model with different tiers based on size and needs is a good option.
Last Completed Projects
| topic title | academic level | Writer | delivered |
|---|