Hello! Thanks for visiting my website! Glad to see you here.
I have been working in information security since 2009, specializing in Vulnerability Management, Compliance Management, custom security automation and metrics. You can read more about my career path in LinkedIn.
All my Open Source projects are on Github. I am currently focusing mainly on my vulnerability prioritization tool Vulristics (read the posts about it).
I publish my posts in audio-video format as well. Here is my Youtube channel and you can open this podcast feed url in the podcast player (or try to search for “AVLEONOV Podcast”).
My main messenger is Telegram, and I have several projects there:
- @avleonovcom – main channel with all the stuff
- @avleonovrus – мой русскоязычный канал, обновляется чаще (my telegram channel in Russian)
- @avleonovchat – our community; feel free to ask your questions there
- @avleonovnews – channel with the latest security news; updates automatically
My pages in social networks:
My email: me@avleonov.com
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.
Pingback: Vulnerability scanners: a view from the vendor and end user side | Alexander V. Leonov
Pingback: Gartner’s view on Vulnerability Management market | Alexander V. Leonov
Hi Alex,
Which ones of these vulnerability management products for analyzing and prioritizing risks?
Kenna seem to have support for various connectors. But I’m looking to see if there is a reporting feature in the vuln. mgmt product that can also serve the interest of the non-security savvy executives to be able to speak in their language of finance; in terms of the cost of risk in dollars($) – Similar to this feature in baydynamics product offering
https://baydynamics.com/solutions/quantify-financial-impact/
Bay Dynamics
Core Security
Kenna Security
NetSPI
Skybox
Hi Ram!
Among solutions that you mentioned I tried only Kenna Security, “Kenna Security: Analyzing Vulnerability Scan data“. Talking about “cost of risk in dollars($)”, https://www.faradaysec.com/ might be interesting for you. For “non-security savvy executives” Tenable has Assurance Report Cards. It is also pretty interesting instrument.
Hi,
I am looking at two VM solutions right now, Rapid7 and BeyondTrust. Rapid7 comes across as the better product, simpler to get it going, better interface, and so on. BeyondTrust wins on price, and due to budget it may be BeyondTrust or nothing. BeyondTrust has a difficult interface at times, reporting seems not as intuitive, and so on.
Have you worked with both of these products and have any thoughts? ?o you think BeyondTrust would be good enough?