So now we can totally trust product recommendations for Foundstone.

Larry McIntosh Bio
From: Larry McIntosh
Sent: Fri 7/11/2003 4:18 PM
To: Consult; Ops; Con; Sales; SE
Subject: News group product recommendations


As I'm sure most of you are already aware, security news groups are being
leveraged more and more frequently by IT/security personnel to investigate
security products and vendors. It has come to our attention that Foundstone
competitors are getting a lot of air time with this influential crowd.

Following is a sample posting from the SecurityFocus
Pen-Test group:

I am currently helping evaluate vulnerability scanners to deploy in a large
enterprise. We looked at Qualys and Retina so far. Retina has the most mature
Enterprise distribution model, however Qualys does have more signaturesISS is
coming in next week

Some response excerpts include:

We have run Qualys

eEye prides themselves on being the safest assessment scanner

The nice thing about Qualys was that all you had to do is plug the
appliance into your network and you were ready to go

not to say that the Qualys product is not worth that cost, although it
does seem steep... well, then you have Foundscan which is much more expensive

I run nessus, and it's so little trouble that I don't think I've spent 60
minutes administering/installing/maintaining it all year so far

We would like to enlist your help to build some positive Foundstone awareness
throughout the news group community. This is an important measure for everyone
at the company since many of our deals begin with recommendations by people who
rely on these groups for information.

If and when you come across a thread like this, please take a moment to share
some anonymous information about the benefits of Foundstone's products and
solutions. We're offering several products now that greatly outperform, yet
compete quite well on price with any of the commercial solutions discussed. We're
not asking for a sales pitch (although it doesn't take a genius to see a lot of
vendors are pushing product here); but something as simple as

"Take a look at Foundstone's new stuff also. They have a few new products (like a
professional version) and the prices are really on par with everyone else's - plus their
performance is better in a lot of key areas (speed, scalability). Network Computing mag
just did a review with 11 vendors -check that out too"


Foundstone has a new appliance as wella friend of mine just did the install and he said it
only took one day for both the install and training. Its built like a tank, so if you need
reliable hardware and software, check out Foundstones appliance.


I wouldnt invest in any more firewalls or IDS until you get someone like Foundstone to come
in a check out your systems. They can do the pen test or risk assessment and determine
where you should best spend your few security bucks.

Some guidelines:

Do this from your home machine not Foundstones Youre welcome to modify this text in your own
words It should reflect your personality we dont need this to be picked up as manufacturer speak

Thanks for your help. I'd appreciate any feedback you get that you think might be valuable.

Larry McIntosh
Chief Marketing Officer
Foundstone, Inc.
Strategic Security
949.297.5603 Tel
949.297.5575 Fax

main page ATTRITION feedback