Published on March 19th, 2012 | by NJ Ouchn0
Blackhat Amsterdam 2012 : ToolsTube with Frank Breedijk on Seccubus
What is Seccubus?
Seccubus automates regular vulnerability scans and provides delta reporting.
The goal is to reduce the analysis time for subsequent scans of the same infrastructure by only reporting delta findings.
What’s the issue?
Anyone who has ever used Nessus, OpenVAS, Nikto or another vulnerability scanner will be familiar with the drawback of such tools. Tools like Nessus are very valuable tools, but unfortunately the results contain a lot of noise. Time needed to interpret and create a report using the results of a scan will often be two or three times the time needed to do the actual scan.
Seccubus was created in order to more effectively analyze the results of regular scans of the same infrastructure by efficiently interpreting results.
Frank Breedijk CISSP B ICT is employed as a Security Engineer at Schuberg Philis since 2006. He is responsible for the technical information security of Schuberg Philis Mission Critical outsourcing services. This includes, but is not limited to:
- Security Awareness
- Vulnerability management
- Internal security consultancy
- Internal technical audits
- AutoNessus development
Frank Breedijk has been active in IT Security for over 10 years. Before joining Schuberg Philis he worked as a Security Consultant for INS/BT and Security Officer for Interxion. He managed the European Security Operations Center (SOC) for Unisys’ managed security services. During this period Gartner labeled Unisys leader in the magic quadrant for Managed Security Services in Europe.
Besides his day job Frank Breedijk is an active on Twitter and writes blog entries for CupFighter.net. He has also written magazine articles about Seccubus and security awareness.