(Sorry if this is a repost. I had a technical issue with my first attempt) I would like to use OSSIM's OpenVAS component to run asset and vulnerability scans on both prod and non-prod. Like every place, we want to make sure the IT infrastructure is not harmed or jeopardized.
So what is due care when introducing scanning? Should I do the asset scans only during maintenance windows to start off, to make sure nothing gets broken? Or are the non destructive, non authenticated scans considered safe enough to run during production hours, on production assets? I should add that Nessus has been used by an outside contractor without issue, on our network. Thanks so much in advance Peter
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
