Hey Hey,

I'd just like to point out this article http://www.investors.com/editorial/I...issue=20060316.

The United States Agency for International Development, USAID, scored best with 100%.
With data, USAID had a way to measure security performance. Managers could make better-informed decisions about security.

USAID started doing vulnerability scans of the 16,000 devices on its networks 10 times a month. It uses software from NCircle Network Security and others to tell where patches are needed, misconfigurations exist and passwords lack strength. The point of the scans is this, says Tim Keanini, NCircle's chief technology officer: "I need to know, prior to my adversary knowing, where the weaknesses are."

USAID spent a little more than $200,000 on related technology. Three products it uses are NCircle's IP360 vulnerability and risk management software, Skybox Security's Skybox View suite and NetForensics' NFX Open Security Platform. "We run through some threat scenarios nightly," Heneghan said.
Peace,
HT