I recently conducted a Penetration Test. Our Methodolgy is to always use to tools to verify against each other. I used both Saint and Nessus as Vulnerability Scanners. Compared Side by Side, I found that Saint was able to identify more Vulnerabilities than Nessus. I also use Metasploit, Saint and the tools in BackTrack v5 for penetration testing.
On the Vulnerability Identification Side, both Saint and Nessus found three common vulnerabilities, but it also found many more. Saint found nine! Three of which had a CVE rating of greater than 7.5. Nessus highest CVE Rating was 5.
Both Vulnerability Scanners were Commercial i.e. I paid good money for both. Saint is $2K per year for a Consultant’s license and Nessus Professional Feed was $1.5K.
Saint also includes a Penetration Test Tool while Nessus only contains a Vulnerability Scanner. It also has a Great Reporting Feature.
Anyone have a comment?0