Last week, Richard Bejtlich reviewed “Nmap in the Enterprise,” and for the most part, was largely disappointed with it’s lack of enterprise context. My last script, tissynbe.py, parsed Nessus results in nbe format and inserted them into a MySQL database. Today, I’m making available nmaparse.py, a script that will parse grepable nmap output […]

Today I am going to cover a topic that is the most important to me: software security. When I talk about “software security”, I refer to the process of building applications — the artifacts, components, and capital that goes into making a polished product. Applications are something that development teams worldwide strive to […]

I mentioned in previous posts that I had been working with Nessus — I used it a lot. At the end of the engagement, we had almost a gigabyte of Nessus data saved in nbe format. So to quickly go through and analyze all the results, inserting it into a database was essential. I […]