[Discuss] External network scanning service
Timchenko, Maxim
maxvt at bu.edu
Mon Mar 30 11:43:23 EDT 2015
On 3/28/2015 12:00 PM, discuss-request at blu.org wrote:
> So why the lack of SaaS offerings? Is it due to technical reasons or
> because of fear of liability? (A search did turn up
> https://www.qualys.com/; I can't find pricing on their site.) It sure
> seems like there ought to be a market for this.
For websites, https://detectify.com/ has launched recently. It feels
like they would naturally expand to cover network surveys as well, in
time. They have a SaaS model and offer transparent pricing for small
businesses. Acunetix also offers "as a service" nmap scans, I think.
Liability would be a concern (how, for example, would you prove to a 3rd
party that you own the IP range submitted for scanning?), as well as
potentially breaking the ToS of the hosting service (Amazon requires
preapproval of any pentesting, as I seem to recall from skimming their
policies). From the business risk perspective of starting a service like
this, looking only at Qualys they have 50-ish patents related to the
field, including things like "a security scanner" and "a dashboard for a
security status from a mobile device".
Yours,
--
Max
More information about the Discuss
mailing list