After the Rapid7 acquisition of Metasploit, things are beginning to shift in the Vulnerability Scanning and Penetration Testing market. The basic trend is one of merging the small independent players into larger organizations with a product portfolio covering a wider area.
Rapid7 published the NeXpose Community edition, which pairs with Metasploit. At this moment it still has some early adoption issues - like problems with working on Windows 7, but these will be resolved.
The NeXpose Community may prove to be a strong adversary to Nessus in the free tools market, and by presenting the possibilities of NeXpose to a wider community it will enter the minds of more potential commercial users.
But apparently the competition is not sleeping either. For around a year, there is a joint discount offer on a set of products by Tenable Networks Security, Immunity Inc and DSquare Security. This set creates a great overall product:
- Nessus being the vulnerability scanner
- Immunity CANVAS being one of the commercial leaders in penetration testing frameworks and
- DSquare enriching the set with additional exploit packs for CANVAS
What do you think? Is the merger of Tenable and Immunity possible? Will it provide a better product and will the users benefit?
Nessus vs Retina - Vulnerability Scanning Tools Evaluation
Tutorial - Using Ratproxy for Web Site Vulnerability Analysis