Penetration Testing and Compliance Suite
Immunity Inc, (the makers of the CANVAS penetration testing tool), have partnered with Tenable Network Security and DSquare Security to offer a product bundle which is ideal for consultants who perform penetration testing, vulnerability analysis and compliance auditing services. The bundle includes:
- Immunity CANVAS
- Tenable Nessus ProfessionalFeed
- DSquare Exploit Pack
This bundle saves customers 20% off of the list purchase price for each of these products.
One of the things I am very excited about with this bundle is the integration between Nessus and CANVAS provided by the DSquare Exploit Pack. As you can see in this video here, you can perform your vulnerability scans with Nessus and then feed them directly into CANVAS for exploitation.This can minimize the amount of work a consultant needs to do when attempting to find an exploitable target. The DSquare technology makes great use of the Nessus 3 report format as well. This also means if you are a Security Center organization, you can extract all of your vulnerability data and feed it into CANVAS to rapidly provision a penetration test.
CANVAS also has the ability to retrieve password LM/NTLM hashes. This information can be fed into Nessus 3 to perform a patch or configuration audit of a system that has been compromised. As a consultant, this allows you to identify systems which can be compromised with CANVAS and then further test them with Nessus by performing patch audits, CIS/PCI/FDCC and other patch audits and to even scan them for sensitive data.