Are there reviews showing SOX Vulnerability Assessment & Audit products? NetIQ seems to show up in a number of security categories(SOX, Mtg, Assessment, Patching), how does it compare to the other products?
Thanks for any help & pointers you can provide!
Although we've done the initial audit manually, I've been looking for some help in managing compliance. NetIQ, Legato and Configuresoft are the three possible solutions I've found so far.
Of the three, Configuresoft seems to be the most complete. It not only logs any changes, you can set policies on your 'Sox' servers which prevent permission changes unless a 'Sox' administrator approves them. They all do a fair job with their compliance reporting. All of them do a fair job of general vulnerability testing as well.
I haven't selected a solution yet, so it would be best to do your own evals. Good Luck! ...and if you find something else that works even better, be sure to write! 8-)
Last Wiki Answer Submitted: June 29, 2012 1:42 pm by Michael Tidmarsh11,410 pts.