Best Software for 2025 is now live!

Best Vulnerability Scanner Software

Lauren Worth
LW
Researched and written by Lauren Worth

Vulnerability scanners are tools that constantly monitor applications and networks to identify security vulnerabilities. They work by maintaining an up-to-date database of known vulnerabilities, and conduct scans to identify potential exploits. Vulnerability scanners are used by companies to test applications and networks against known vulnerabilities and to identify new vulnerabilities. The scanners typically produce analytical reports detailing the state of an application or network security and provide recommendations to remedy known issues. Some vulnerability scanners work in a similar manner to dynamic application security testing (DAST) tools, but scan tools instead of mimicking attacks or performing penetration tests.

To qualify for inclusion in the Vulnerability Scanner category, a product must:

Maintain a database of known vulnerabilities
Continuously scan applications for vulnerabilities
Produce reports analyzing known vulnerabilities and new exploits

Best Vulnerability Scanner Software At A Glance

Best for Small Businesses:
Best for Mid-Market:
Best for Enterprise:
Highest User Satisfaction:
Best Free Software:
Show LessShow More
Best for Enterprise:
Highest User Satisfaction:
Best Free Software:

G2 takes pride in showing unbiased reviews on user satisfaction in our ratings and reports. We do not allow paid placements in any of our ratings, rankings, or reports. Learn about our scoring methodologies.

No filters applied
185 Listings in Vulnerability Scanner Available
By Wiz
(696)4.7 out of 5
Optimized for quick response
2nd Easiest To Use in Vulnerability Scanner software
Save to My Lists
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Wiz transforms cloud security for customers – including 40% of the Fortune 100 – by enabling a new operating model. With Wiz, organizations can democratize security across the cloud lifecycle, empower

    Users
    • CISO
    • Security Engineer
    Industries
    • Financial Services
    • Computer Software
    Market Segment
    • 55% Enterprise
    • 38% Mid-Market
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • Wiz Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Ease of Use
    351
    Security
    315
    Visibility
    260
    Features
    249
    Cloud Management
    227
    Cons
    Improvement Needed
    121
    Missing Features
    119
    Feature Limitations
    107
    Learning Curve
    98
    Limited Features
    82
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • Wiz features and usability ratings that predict user satisfaction
    9.4
    Has the product been a good partner in doing business?
    Average: 9.2
    8.8
    Detection Rate
    Average: 8.9
    9.0
    Automated Scans
    Average: 9.0
    8.8
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Seller
    Wiz
    Company Website
    Year Founded
    2020
    HQ Location
    New York, US
    Twitter
    @wiz_io
    14,648 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    2,054 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

Wiz transforms cloud security for customers – including 40% of the Fortune 100 – by enabling a new operating model. With Wiz, organizations can democratize security across the cloud lifecycle, empower

Users
  • CISO
  • Security Engineer
Industries
  • Financial Services
  • Computer Software
Market Segment
  • 55% Enterprise
  • 38% Mid-Market
Wiz Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Ease of Use
351
Security
315
Visibility
260
Features
249
Cloud Management
227
Cons
Improvement Needed
121
Missing Features
119
Feature Limitations
107
Learning Curve
98
Limited Features
82
Wiz features and usability ratings that predict user satisfaction
9.4
Has the product been a good partner in doing business?
Average: 9.2
8.8
Detection Rate
Average: 8.9
9.0
Automated Scans
Average: 9.0
8.8
Configuration Monitoring
Average: 8.4
Seller Details
Seller
Wiz
Company Website
Year Founded
2020
HQ Location
New York, US
Twitter
@wiz_io
14,648 Twitter followers
LinkedIn® Page
www.linkedin.com
2,054 employees on LinkedIn®
(209)4.6 out of 5
Optimized for quick response
3rd Easiest To Use in Vulnerability Scanner software
Save to My Lists
Entry Level Price:Contact Us
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues in workloads, configurations, and identities across your cloud estate spanning AWS, Azure, Google C

    Users
    • Security Engineer
    Industries
    • Computer Software
    • Information Technology and Services
    Market Segment
    • 52% Mid-Market
    • 36% Enterprise
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • Orca Security Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Ease of Use
    54
    Features
    49
    Security
    49
    Cloud Security
    36
    Vulnerability Detection
    35
    Cons
    Improvement Needed
    25
    Missing Features
    18
    Feature Limitations
    17
    Improvements Needed
    14
    Ineffective Alerts
    14
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • Orca Security features and usability ratings that predict user satisfaction
    9.4
    Has the product been a good partner in doing business?
    Average: 9.2
    8.8
    Detection Rate
    Average: 8.9
    9.3
    Automated Scans
    Average: 9.0
    8.7
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Company Website
    Year Founded
    2019
    HQ Location
    Portland, Oregon
    Twitter
    @orcasec
    4,847 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    442 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

The Orca Cloud Security Platform identifies, prioritizes, and remediates risks and compliance issues in workloads, configurations, and identities across your cloud estate spanning AWS, Azure, Google C

Users
  • Security Engineer
Industries
  • Computer Software
  • Information Technology and Services
Market Segment
  • 52% Mid-Market
  • 36% Enterprise
Orca Security Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Ease of Use
54
Features
49
Security
49
Cloud Security
36
Vulnerability Detection
35
Cons
Improvement Needed
25
Missing Features
18
Feature Limitations
17
Improvements Needed
14
Ineffective Alerts
14
Orca Security features and usability ratings that predict user satisfaction
9.4
Has the product been a good partner in doing business?
Average: 9.2
8.8
Detection Rate
Average: 8.9
9.3
Automated Scans
Average: 9.0
8.7
Configuration Monitoring
Average: 8.4
Seller Details
Company Website
Year Founded
2019
HQ Location
Portland, Oregon
Twitter
@orcasec
4,847 Twitter followers
LinkedIn® Page
www.linkedin.com
442 employees on LinkedIn®

This is how G2 Deals can help you:

  • Easily shop for curated – and trusted – software
  • Own your own software buying journey
  • Discover exclusive deals on software
(284)4.5 out of 5
Optimized for quick response
9th Easiest To Use in Vulnerability Scanner software
View top Consulting Services for Tenable Nessus
Save to My Lists
Entry Level Price:$3,390.00
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Built for security practitioners, by security professionals, Nessus products by Tenable are the de-facto industry standard for vulnerability assessment. Nessus performs point-in-time assessments to

    Users
    • Security Engineer
    • Network Engineer
    Industries
    • Information Technology and Services
    • Computer & Network Security
    Market Segment
    • 39% Mid-Market
    • 32% Enterprise
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • Tenable Nessus Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Vulnerability Identification
    19
    Ease of Use
    15
    Vulnerability Detection
    15
    Automated Scanning
    13
    Features
    11
    Cons
    Slow Scanning
    9
    Limited Features
    5
    Time-Consuming
    5
    Update Delays
    4
    Lack of Automation
    3
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • Tenable Nessus features and usability ratings that predict user satisfaction
    8.6
    Has the product been a good partner in doing business?
    Average: 9.2
    8.8
    Detection Rate
    Average: 8.9
    9.0
    Automated Scans
    Average: 9.0
    8.4
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Seller
    Tenable
    Company Website
    HQ Location
    Columbia, MD
    Twitter
    @TenableSecurity
    87,017 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    2,154 employees on LinkedIn®
    Ownership
    NASDAQ: TENB
Product Description
How are these determined?Information
This description is provided by the seller.

Built for security practitioners, by security professionals, Nessus products by Tenable are the de-facto industry standard for vulnerability assessment. Nessus performs point-in-time assessments to

Users
  • Security Engineer
  • Network Engineer
Industries
  • Information Technology and Services
  • Computer & Network Security
Market Segment
  • 39% Mid-Market
  • 32% Enterprise
Tenable Nessus Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Vulnerability Identification
19
Ease of Use
15
Vulnerability Detection
15
Automated Scanning
13
Features
11
Cons
Slow Scanning
9
Limited Features
5
Time-Consuming
5
Update Delays
4
Lack of Automation
3
Tenable Nessus features and usability ratings that predict user satisfaction
8.6
Has the product been a good partner in doing business?
Average: 9.2
8.8
Detection Rate
Average: 8.9
9.0
Automated Scans
Average: 9.0
8.4
Configuration Monitoring
Average: 8.4
Seller Details
Seller
Tenable
Company Website
HQ Location
Columbia, MD
Twitter
@TenableSecurity
87,017 Twitter followers
LinkedIn® Page
www.linkedin.com
2,154 employees on LinkedIn®
Ownership
NASDAQ: TENB
(100)4.8 out of 5
Optimized for quick response
1st Easiest To Use in Vulnerability Scanner software
Save to My Lists
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Sysdig Secure is our CNAPP platform that more than 700 enterprise customers use to address CNAPP, VM, CSPM, CIEM, container security and more - at enterprise scale. Our platform spans prevention, dete

    Users
    • Security Engineer
    Industries
    • Financial Services
    • Computer Software
    Market Segment
    • 45% Enterprise
    • 41% Mid-Market
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • Sysdig Secure Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Vulnerability Detection
    33
    Security
    31
    Threat Detection
    26
    Detection Efficiency
    24
    Features
    24
    Cons
    Feature Limitations
    12
    Missing Features
    9
    Complexity
    8
    Resource Limitations
    7
    Feature Complexity
    6
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • Sysdig Secure features and usability ratings that predict user satisfaction
    9.7
    Has the product been a good partner in doing business?
    Average: 9.2
    9.5
    Detection Rate
    Average: 8.9
    9.5
    Automated Scans
    Average: 9.0
    9.4
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Seller
    Sysdig
    Company Website
    Year Founded
    2013
    HQ Location
    San Francisco, California
    Twitter
    @Sysdig
    10,189 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    787 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

Sysdig Secure is our CNAPP platform that more than 700 enterprise customers use to address CNAPP, VM, CSPM, CIEM, container security and more - at enterprise scale. Our platform spans prevention, dete

Users
  • Security Engineer
Industries
  • Financial Services
  • Computer Software
Market Segment
  • 45% Enterprise
  • 41% Mid-Market
Sysdig Secure Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Vulnerability Detection
33
Security
31
Threat Detection
26
Detection Efficiency
24
Features
24
Cons
Feature Limitations
12
Missing Features
9
Complexity
8
Resource Limitations
7
Feature Complexity
6
Sysdig Secure features and usability ratings that predict user satisfaction
9.7
Has the product been a good partner in doing business?
Average: 9.2
9.5
Detection Rate
Average: 8.9
9.5
Automated Scans
Average: 9.0
9.4
Configuration Monitoring
Average: 8.4
Seller Details
Seller
Sysdig
Company Website
Year Founded
2013
HQ Location
San Francisco, California
Twitter
@Sysdig
10,189 Twitter followers
LinkedIn® Page
www.linkedin.com
787 employees on LinkedIn®
(107)4.9 out of 5
4th Easiest To Use in Vulnerability Scanner software
View top Consulting Services for SentinelOne Singularity Cloud Security
Save to My Lists
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Singularity Cloud Security is SentinelOne’s comprehensive, cloud-native application protection platform (CNAPP). It combines the best of agentless insights with AI-powered threat protection, to secure

    Users
    No information available
    Industries
    • Information Technology and Services
    • Financial Services
    Market Segment
    • 60% Mid-Market
    • 31% Enterprise
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • SentinelOne Singularity Cloud Security Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Security
    61
    Ease of Use
    37
    Vulnerability Detection
    37
    Cloud Management
    36
    Vulnerability Identification
    32
    Cons
    Learning Curve
    4
    Missing Features
    4
    Asset Management
    3
    Delayed Detection
    3
    Improvement Needed
    3
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • SentinelOne Singularity Cloud Security features and usability ratings that predict user satisfaction
    9.8
    Has the product been a good partner in doing business?
    Average: 9.2
    9.8
    Detection Rate
    Average: 8.9
    9.8
    Automated Scans
    Average: 9.0
    10.0
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Year Founded
    2013
    HQ Location
    Mountain View, CA
    Twitter
    @SentinelOne
    54,520 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    2,802 employees on LinkedIn®
    Ownership
    NASDAQ: S
Product Description
How are these determined?Information
This description is provided by the seller.

Singularity Cloud Security is SentinelOne’s comprehensive, cloud-native application protection platform (CNAPP). It combines the best of agentless insights with AI-powered threat protection, to secure

Users
No information available
Industries
  • Information Technology and Services
  • Financial Services
Market Segment
  • 60% Mid-Market
  • 31% Enterprise
SentinelOne Singularity Cloud Security Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Security
61
Ease of Use
37
Vulnerability Detection
37
Cloud Management
36
Vulnerability Identification
32
Cons
Learning Curve
4
Missing Features
4
Asset Management
3
Delayed Detection
3
Improvement Needed
3
SentinelOne Singularity Cloud Security features and usability ratings that predict user satisfaction
9.8
Has the product been a good partner in doing business?
Average: 9.2
9.8
Detection Rate
Average: 8.9
9.8
Automated Scans
Average: 9.0
10.0
Configuration Monitoring
Average: 8.4
Seller Details
Year Founded
2013
HQ Location
Mountain View, CA
Twitter
@SentinelOne
54,520 Twitter followers
LinkedIn® Page
www.linkedin.com
2,802 employees on LinkedIn®
Ownership
NASDAQ: S
(110)4.5 out of 5
Optimized for quick response
15th Easiest To Use in Vulnerability Scanner software
Save to My Lists
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Tenable Vulnerability Management is the industry's most comprehensive risk-based vulnerability management (RBVM) platform, enabling you to: • See all assets and vulnerabilities across your entire

    Users
    No information available
    Industries
    • Information Technology and Services
    • Financial Services
    Market Segment
    • 53% Enterprise
    • 35% Mid-Market
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • Tenable Vulnerability Management Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Vulnerability Identification
    15
    Automated Scanning
    11
    Ease of Use
    10
    Scanning Efficiency
    10
    Features
    7
    Cons
    Lack of Information
    7
    Insufficient Information
    5
    Complexity
    4
    Difficult Learning
    4
    Inadequate Reporting
    4
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • Tenable Vulnerability Management features and usability ratings that predict user satisfaction
    8.5
    Has the product been a good partner in doing business?
    Average: 9.2
    9.0
    Detection Rate
    Average: 8.9
    9.2
    Automated Scans
    Average: 9.0
    8.8
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Seller
    Tenable
    Company Website
    HQ Location
    Columbia, MD
    Twitter
    @TenableSecurity
    87,017 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    2,154 employees on LinkedIn®
    Ownership
    NASDAQ: TENB
Product Description
How are these determined?Information
This description is provided by the seller.

Tenable Vulnerability Management is the industry's most comprehensive risk-based vulnerability management (RBVM) platform, enabling you to: • See all assets and vulnerabilities across your entire

Users
No information available
Industries
  • Information Technology and Services
  • Financial Services
Market Segment
  • 53% Enterprise
  • 35% Mid-Market
Tenable Vulnerability Management Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Vulnerability Identification
15
Automated Scanning
11
Ease of Use
10
Scanning Efficiency
10
Features
7
Cons
Lack of Information
7
Insufficient Information
5
Complexity
4
Difficult Learning
4
Inadequate Reporting
4
Tenable Vulnerability Management features and usability ratings that predict user satisfaction
8.5
Has the product been a good partner in doing business?
Average: 9.2
9.0
Detection Rate
Average: 8.9
9.2
Automated Scans
Average: 9.0
8.8
Configuration Monitoring
Average: 8.4
Seller Details
Seller
Tenable
Company Website
HQ Location
Columbia, MD
Twitter
@TenableSecurity
87,017 Twitter followers
LinkedIn® Page
www.linkedin.com
2,154 employees on LinkedIn®
Ownership
NASDAQ: TENB
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Defender Vulnerability Management delivers asset visibility, intelligent assessments, and built-in remediation tools for Windows, macOS, Linux, Android, iOS, and network devices. Leveraging Microsoft

    Users
    No information available
    Industries
    • Computer & Network Security
    Market Segment
    • 44% Small-Business
    • 34% Enterprise
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • Microsoft Defender Vulnerability Management Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Vulnerability Identification
    17
    Security
    12
    Ease of Use
    11
    Configuration Ease
    7
    Cybersecurity
    7
    Cons
    Vulnerability Management
    6
    Dashboard Issues
    4
    Learning Curve
    4
    Missing Features
    4
    Expensive
    3
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • Microsoft Defender Vulnerability Management features and usability ratings that predict user satisfaction
    8.6
    Has the product been a good partner in doing business?
    Average: 9.2
    8.3
    Detection Rate
    Average: 8.9
    7.2
    Automated Scans
    Average: 9.0
    7.2
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Seller
    Microsoft
    Year Founded
    1975
    HQ Location
    Redmond, Washington
    Twitter
    @microsoft
    14,031,499 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    238,990 employees on LinkedIn®
    Ownership
    MSFT
Product Description
How are these determined?Information
This description is provided by the seller.

Defender Vulnerability Management delivers asset visibility, intelligent assessments, and built-in remediation tools for Windows, macOS, Linux, Android, iOS, and network devices. Leveraging Microsoft

Users
No information available
Industries
  • Computer & Network Security
Market Segment
  • 44% Small-Business
  • 34% Enterprise
Microsoft Defender Vulnerability Management Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Vulnerability Identification
17
Security
12
Ease of Use
11
Configuration Ease
7
Cybersecurity
7
Cons
Vulnerability Management
6
Dashboard Issues
4
Learning Curve
4
Missing Features
4
Expensive
3
Microsoft Defender Vulnerability Management features and usability ratings that predict user satisfaction
8.6
Has the product been a good partner in doing business?
Average: 9.2
8.3
Detection Rate
Average: 8.9
7.2
Automated Scans
Average: 9.0
7.2
Configuration Monitoring
Average: 8.4
Seller Details
Seller
Microsoft
Year Founded
1975
HQ Location
Redmond, Washington
Twitter
@microsoft
14,031,499 Twitter followers
LinkedIn® Page
www.linkedin.com
238,990 employees on LinkedIn®
Ownership
MSFT
(183)4.7 out of 5
Optimized for quick response
View top Consulting Services for SentinelOne Singularity
Save to My Lists
Entry Level Price:Contact Us
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    SentinelOne (NYSE:S) is pioneering autonomous cybersecurity to prevent, detect, and respond to cyber attacks faster and with higher accuracy than ever before. The Singularity Platform protects and emp

    Users
    No information available
    Industries
    • Information Technology and Services
    • Computer & Network Security
    Market Segment
    • 44% Mid-Market
    • 38% Enterprise
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • SentinelOne Singularity Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Ease of Use
    36
    Security
    31
    Features
    25
    Threat Detection
    25
    Protection
    19
    Cons
    False Positives
    13
    Compatibility Issues
    9
    Update Issues
    8
    Agent Issues
    7
    Improvements Needed
    7
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • SentinelOne Singularity features and usability ratings that predict user satisfaction
    9.3
    Has the product been a good partner in doing business?
    Average: 9.2
    9.3
    Detection Rate
    Average: 8.9
    8.7
    Automated Scans
    Average: 9.0
    7.5
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Company Website
    Year Founded
    2013
    HQ Location
    Mountain View, CA
    Twitter
    @SentinelOne
    54,520 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    2,802 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

SentinelOne (NYSE:S) is pioneering autonomous cybersecurity to prevent, detect, and respond to cyber attacks faster and with higher accuracy than ever before. The Singularity Platform protects and emp

Users
No information available
Industries
  • Information Technology and Services
  • Computer & Network Security
Market Segment
  • 44% Mid-Market
  • 38% Enterprise
SentinelOne Singularity Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Ease of Use
36
Security
31
Features
25
Threat Detection
25
Protection
19
Cons
False Positives
13
Compatibility Issues
9
Update Issues
8
Agent Issues
7
Improvements Needed
7
SentinelOne Singularity features and usability ratings that predict user satisfaction
9.3
Has the product been a good partner in doing business?
Average: 9.2
9.3
Detection Rate
Average: 8.9
8.7
Automated Scans
Average: 9.0
7.5
Configuration Monitoring
Average: 8.4
Seller Details
Company Website
Year Founded
2013
HQ Location
Mountain View, CA
Twitter
@SentinelOne
54,520 Twitter followers
LinkedIn® Page
www.linkedin.com
2,802 employees on LinkedIn®
By AT&T
(113)4.4 out of 5
8th Easiest To Use in Vulnerability Scanner software
Save to My Lists
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    AlienVault USM Anywhere is a cloud-based security management solution that accelerates and centralizes threat detection, incident response, and compliance management for your cloud, hybrid cloud, and

    Users
    No information available
    Industries
    • Information Technology and Services
    • Financial Services
    Market Segment
    • 62% Mid-Market
    • 20% Small-Business
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • AlienVault USM (from AT&T Cybersecurity) Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Asset Management
    1
    Automation
    1
    Dashboard Usability
    1
    Integration Capabilities
    1
    Integrations
    1
    Cons
    Expensive
    1
    Licensing Cost
    1
    Licensing Issues
    1
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • AlienVault USM (from AT&T Cybersecurity) features and usability ratings that predict user satisfaction
    8.6
    Has the product been a good partner in doing business?
    Average: 9.2
    9.0
    Detection Rate
    Average: 8.9
    9.0
    Automated Scans
    Average: 9.0
    8.3
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Seller
    AT&T
    Year Founded
    1876
    HQ Location
    Dallas, TX
    Twitter
    @ATT
    899,557 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    175,899 employees on LinkedIn®
    Ownership
    NYSE: T
Product Description
How are these determined?Information
This description is provided by the seller.

AlienVault USM Anywhere is a cloud-based security management solution that accelerates and centralizes threat detection, incident response, and compliance management for your cloud, hybrid cloud, and

Users
No information available
Industries
  • Information Technology and Services
  • Financial Services
Market Segment
  • 62% Mid-Market
  • 20% Small-Business
AlienVault USM (from AT&T Cybersecurity) Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Asset Management
1
Automation
1
Dashboard Usability
1
Integration Capabilities
1
Integrations
1
Cons
Expensive
1
Licensing Cost
1
Licensing Issues
1
AlienVault USM (from AT&T Cybersecurity) features and usability ratings that predict user satisfaction
8.6
Has the product been a good partner in doing business?
Average: 9.2
9.0
Detection Rate
Average: 8.9
9.0
Automated Scans
Average: 9.0
8.3
Configuration Monitoring
Average: 8.4
Seller Details
Seller
AT&T
Year Founded
1876
HQ Location
Dallas, TX
Twitter
@ATT
899,557 Twitter followers
LinkedIn® Page
www.linkedin.com
175,899 employees on LinkedIn®
Ownership
NYSE: T
(108)4.6 out of 5
Optimized for quick response
7th Easiest To Use in Vulnerability Scanner software
Save to My Lists
10% off: $5400
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. Our Pentest platform emulates hackers behav

    Users
    No information available
    Industries
    • Computer Software
    • Information Technology and Services
    Market Segment
    • 69% Small-Business
    • 28% Mid-Market
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • Astra Pentest Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Customer Support
    39
    Vulnerability Detection
    37
    Ease of Use
    35
    Vulnerability Identification
    30
    Pentesting Efficiency
    27
    Cons
    Poor Customer Support
    9
    Slow Performance
    8
    Technical Issues
    8
    Lack of Information
    7
    Poor Interface Design
    6
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • Astra Pentest features and usability ratings that predict user satisfaction
    9.2
    Has the product been a good partner in doing business?
    Average: 9.2
    8.7
    Detection Rate
    Average: 8.9
    8.7
    Automated Scans
    Average: 9.0
    8.6
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Company Website
    Year Founded
    2018
    HQ Location
    New Delhi, IN
    Twitter
    @getastra
    658 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    87 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. Our Pentest platform emulates hackers behav

Users
No information available
Industries
  • Computer Software
  • Information Technology and Services
Market Segment
  • 69% Small-Business
  • 28% Mid-Market
Astra Pentest Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Customer Support
39
Vulnerability Detection
37
Ease of Use
35
Vulnerability Identification
30
Pentesting Efficiency
27
Cons
Poor Customer Support
9
Slow Performance
8
Technical Issues
8
Lack of Information
7
Poor Interface Design
6
Astra Pentest features and usability ratings that predict user satisfaction
9.2
Has the product been a good partner in doing business?
Average: 9.2
8.7
Detection Rate
Average: 8.9
8.7
Automated Scans
Average: 9.0
8.6
Configuration Monitoring
Average: 8.4
Seller Details
Company Website
Year Founded
2018
HQ Location
New Delhi, IN
Twitter
@getastra
658 Twitter followers
LinkedIn® Page
www.linkedin.com
87 employees on LinkedIn®
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Red Hat® Ansible® Automation Platform is Red Hat's primary enterprise automation product offering., it includes all of the tooling needed for building, deploying, and managing end-to-end automation at

    Users
    • DevOps Engineer
    • Software Engineer
    Industries
    • Information Technology and Services
    • Financial Services
    Market Segment
    • 44% Enterprise
    • 38% Mid-Market
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • Red Hat Ansible Automation Platform Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Ease of Use
    108
    Automation
    87
    Automation Efficiency
    65
    Features
    40
    Ansible Playbooks
    39
    Cons
    Missing Features
    30
    Complexity
    28
    Learning Curve
    26
    Learning Difficulty
    24
    Limited Features
    21
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • Red Hat Ansible Automation Platform features and usability ratings that predict user satisfaction
    8.8
    Has the product been a good partner in doing business?
    Average: 9.2
    7.9
    Detection Rate
    Average: 8.9
    8.8
    Automated Scans
    Average: 9.0
    9.2
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Seller
    Red Hat
    Company Website
    Year Founded
    1993
    HQ Location
    Raleigh, NC
    Twitter
    @RedHat
    293,907 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    19,863 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

Red Hat® Ansible® Automation Platform is Red Hat's primary enterprise automation product offering., it includes all of the tooling needed for building, deploying, and managing end-to-end automation at

Users
  • DevOps Engineer
  • Software Engineer
Industries
  • Information Technology and Services
  • Financial Services
Market Segment
  • 44% Enterprise
  • 38% Mid-Market
Red Hat Ansible Automation Platform Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Ease of Use
108
Automation
87
Automation Efficiency
65
Features
40
Ansible Playbooks
39
Cons
Missing Features
30
Complexity
28
Learning Curve
26
Learning Difficulty
24
Limited Features
21
Red Hat Ansible Automation Platform features and usability ratings that predict user satisfaction
8.8
Has the product been a good partner in doing business?
Average: 9.2
7.9
Detection Rate
Average: 8.9
8.8
Automated Scans
Average: 9.0
9.2
Configuration Monitoring
Average: 8.4
Seller Details
Seller
Red Hat
Company Website
Year Founded
1993
HQ Location
Raleigh, NC
Twitter
@RedHat
293,907 Twitter followers
LinkedIn® Page
www.linkedin.com
19,863 employees on LinkedIn®
(162)4.8 out of 5
Optimized for quick response
5th Easiest To Use in Vulnerability Scanner software
Save to My Lists
Entry Level Price:Starting at $99.00
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Intruder is an attack surface management platform that empowers organizations to discover, detect, and fix weaknesses on any vulnerable assets across their network. It provides actionable remediation

    Users
    • CTO
    • Director
    Industries
    • Computer Software
    • Information Technology and Services
    Market Segment
    • 59% Small-Business
    • 36% Mid-Market
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • Intruder Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Ease of Use
    8
    Vulnerability Detection
    8
    Security
    7
    Easy Setup
    6
    Reporting
    6
    Cons
    App Instability
    2
    Expensive
    2
    High Licensing Costs
    2
    Inadequate Reporting
    2
    Licensing Issues
    2
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • Intruder features and usability ratings that predict user satisfaction
    9.7
    Has the product been a good partner in doing business?
    Average: 9.2
    9.5
    Detection Rate
    Average: 8.9
    9.5
    Automated Scans
    Average: 9.0
    9.4
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Seller
    Intruder
    Company Website
    Year Founded
    2015
    HQ Location
    London
    Twitter
    @intruder_io
    946 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    68 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

Intruder is an attack surface management platform that empowers organizations to discover, detect, and fix weaknesses on any vulnerable assets across their network. It provides actionable remediation

Users
  • CTO
  • Director
Industries
  • Computer Software
  • Information Technology and Services
Market Segment
  • 59% Small-Business
  • 36% Mid-Market
Intruder Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Ease of Use
8
Vulnerability Detection
8
Security
7
Easy Setup
6
Reporting
6
Cons
App Instability
2
Expensive
2
High Licensing Costs
2
Inadequate Reporting
2
Licensing Issues
2
Intruder features and usability ratings that predict user satisfaction
9.7
Has the product been a good partner in doing business?
Average: 9.2
9.5
Detection Rate
Average: 8.9
9.5
Automated Scans
Average: 9.0
9.4
Configuration Monitoring
Average: 8.4
Seller Details
Seller
Intruder
Company Website
Year Founded
2015
HQ Location
London
Twitter
@intruder_io
946 Twitter followers
LinkedIn® Page
www.linkedin.com
68 employees on LinkedIn®
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Tenable Security Center (formerly Tenable.sc) is the industry's most comprehensive risk-based vulnerability management (RBVM) solution, enabling you to: • See all your vulnerabilities and continuo

    Users
    No information available
    Industries
    • Computer & Network Security
    • Financial Services
    Market Segment
    • 60% Enterprise
    • 23% Mid-Market
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • Tenable Security Center Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Vulnerability Identification
    11
    Ease of Use
    9
    Features
    6
    Compliance Management
    5
    Cybersecurity
    5
    Cons
    False Positives
    4
    Information Management
    3
    Limited Reporting
    3
    Poor Customer Support
    3
    Complexity
    2
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • Tenable Security Center features and usability ratings that predict user satisfaction
    8.8
    Has the product been a good partner in doing business?
    Average: 9.2
    8.8
    Detection Rate
    Average: 8.9
    9.1
    Automated Scans
    Average: 9.0
    8.9
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Seller
    Tenable
    HQ Location
    Columbia, MD
    Twitter
    @TenableSecurity
    87,017 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    2,154 employees on LinkedIn®
    Ownership
    NASDAQ: TENB
Product Description
How are these determined?Information
This description is provided by the seller.

Tenable Security Center (formerly Tenable.sc) is the industry's most comprehensive risk-based vulnerability management (RBVM) solution, enabling you to: • See all your vulnerabilities and continuo

Users
No information available
Industries
  • Computer & Network Security
  • Financial Services
Market Segment
  • 60% Enterprise
  • 23% Mid-Market
Tenable Security Center Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Vulnerability Identification
11
Ease of Use
9
Features
6
Compliance Management
5
Cybersecurity
5
Cons
False Positives
4
Information Management
3
Limited Reporting
3
Poor Customer Support
3
Complexity
2
Tenable Security Center features and usability ratings that predict user satisfaction
8.8
Has the product been a good partner in doing business?
Average: 9.2
8.8
Detection Rate
Average: 8.9
9.1
Automated Scans
Average: 9.0
8.9
Configuration Monitoring
Average: 8.4
Seller Details
Seller
Tenable
HQ Location
Columbia, MD
Twitter
@TenableSecurity
87,017 Twitter followers
LinkedIn® Page
www.linkedin.com
2,154 employees on LinkedIn®
Ownership
NASDAQ: TENB
(20)4.5 out of 5
View top Consulting Services for Qualys WAS
Save to My Lists
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Qualys WAS is Qualys's platform for end-to-end web application scanning.

    Users
    No information available
    Industries
    • Information Technology and Services
    • Computer Software
    Market Segment
    • 45% Mid-Market
    • 35% Enterprise
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • Qualys WAS Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Automated Scanning
    1
    Integration Capabilities
    1
    Security
    1
    Testing Services
    1
    User Interface
    1
    Cons
    Learning Curve
    1
    Limited Customization
    1
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • Qualys WAS features and usability ratings that predict user satisfaction
    9.7
    Has the product been a good partner in doing business?
    Average: 9.2
    9.1
    Detection Rate
    Average: 8.9
    9.6
    Automated Scans
    Average: 9.0
    8.2
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Seller
    Qualys
    Year Founded
    1999
    HQ Location
    Foster City, CA
    Twitter
    @qualys
    34,298 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    2,846 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

Qualys WAS is Qualys's platform for end-to-end web application scanning.

Users
No information available
Industries
  • Information Technology and Services
  • Computer Software
Market Segment
  • 45% Mid-Market
  • 35% Enterprise
Qualys WAS Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Automated Scanning
1
Integration Capabilities
1
Security
1
Testing Services
1
User Interface
1
Cons
Learning Curve
1
Limited Customization
1
Qualys WAS features and usability ratings that predict user satisfaction
9.7
Has the product been a good partner in doing business?
Average: 9.2
9.1
Detection Rate
Average: 8.9
9.6
Automated Scans
Average: 9.0
8.2
Configuration Monitoring
Average: 8.4
Seller Details
Seller
Qualys
Year Founded
1999
HQ Location
Foster City, CA
Twitter
@qualys
34,298 Twitter followers
LinkedIn® Page
www.linkedin.com
2,846 employees on LinkedIn®
(59)4.6 out of 5
Optimized for quick response
10th Easiest To Use in Vulnerability Scanner software
View top Consulting Services for Invicti (formerly Netsparker)
Save to My Lists
  • Overview
    Expand/Collapse Overview
  • Product Description
    How are these determined?Information
    This description is provided by the seller.

    Invicti is an automated application and API security testing solution that allows enterprise organizations to secure thousands of websites, web apps, and APIs and dramatically reduce the risk of attac

    Users
    No information available
    Industries
    • Financial Services
    • Information Technology and Services
    Market Segment
    • 49% Enterprise
    • 25% Mid-Market
  • Pros and Cons
    Expand/Collapse Pros and Cons
  • Invicti (formerly Netsparker) Pros and Cons
    How are these determined?Information
    Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
    Pros
    Customer Support
    4
    Ease of Use
    4
    Vulnerability Detection
    4
    Vulnerability Identification
    4
    Accuracy of Results
    3
    Cons
    API Issues
    1
    Inadequate Testing
    1
    Limited Testing Capabilities
    1
    Scanning Issues
    1
    Slow Performance
    1
  • User Satisfaction
    Expand/Collapse User Satisfaction
  • Invicti (formerly Netsparker) features and usability ratings that predict user satisfaction
    9.7
    Has the product been a good partner in doing business?
    Average: 9.2
    9.0
    Detection Rate
    Average: 8.9
    9.0
    Automated Scans
    Average: 9.0
    8.0
    Configuration Monitoring
    Average: 8.4
  • Seller Details
    Expand/Collapse Seller Details
  • Seller Details
    Company Website
    Year Founded
    2018
    HQ Location
    Austin, Texas
    Twitter
    @InvictiSecurity
    2,568 Twitter followers
    LinkedIn® Page
    www.linkedin.com
    312 employees on LinkedIn®
Product Description
How are these determined?Information
This description is provided by the seller.

Invicti is an automated application and API security testing solution that allows enterprise organizations to secure thousands of websites, web apps, and APIs and dramatically reduce the risk of attac

Users
No information available
Industries
  • Financial Services
  • Information Technology and Services
Market Segment
  • 49% Enterprise
  • 25% Mid-Market
Invicti (formerly Netsparker) Pros and Cons
How are these determined?Information
Pros and Cons are compiled from review feedback and grouped into themes to provide an easy-to-understand summary of user reviews.
Pros
Customer Support
4
Ease of Use
4
Vulnerability Detection
4
Vulnerability Identification
4
Accuracy of Results
3
Cons
API Issues
1
Inadequate Testing
1
Limited Testing Capabilities
1
Scanning Issues
1
Slow Performance
1
Invicti (formerly Netsparker) features and usability ratings that predict user satisfaction
9.7
Has the product been a good partner in doing business?
Average: 9.2
9.0
Detection Rate
Average: 8.9
9.0
Automated Scans
Average: 9.0
8.0
Configuration Monitoring
Average: 8.4
Seller Details
Company Website
Year Founded
2018
HQ Location
Austin, Texas
Twitter
@InvictiSecurity
2,568 Twitter followers
LinkedIn® Page
www.linkedin.com
312 employees on LinkedIn®

Learn More About Vulnerability Scanner Software

What is Vulnerability Scanner Software?

Vulnerability scanners are used to examine applications, networks, and environments for security flaws and misconfigurations. These tools run a variety of dynamic security tests to identify security threats along an application or network’s attack surface. Scans can be used for anything from an application penetration test to a compliance scan. Depending on the specific objectives a user has, they can customize the vulnerability scanner to test for specific issues or requirements.

Companies can configure these tests to their unique environment. Companies that handle lots of personal or financial data may scan to ensure every transaction or datastore is encrypted from the public. They could also test their web applications against specific threats like SQL injection or cross-site scripting (XSS) attacks. The highly-customizable nature of vulnerability scanners provides users with tailor-made solutions for application and network security examination.

Many of these tools offer continuous scanning and testing for nonstop protection and monitoring. Whatever administrators set as a priority will be tested periodically and inform employees of issues or incidents. Continuous monitoring makes it much easier to discover vulnerabilities before they become an issue and drastically reduce the amount of time a vulnerability takes to remediate.

Key Benefits of Vulnerability Scanner Software

  • Scan networks and applications for security flaws
  • Diagnose, track, and remediate vulnerabilities
  • Identify and resolve misconfigurations
  • Perform ad hoc security tests

Why Use Vulnerability Scanner Software?

Applications and networks are only beneficial to a business if they operate smoothly and securely. Vulnerability scanners are a useful tool to view internal systems and applications from the perspective of the attacker. These tools allow for dynamic testing while applications operate. This helps security teams take a step beyond patches and code analysis to evaluate security posture while the application, network, or instance actually runs.

Application security— Cloud, web, and desktop applications all require security, but operate differently. While many vulnerability scanners support testing for all kinds of applications, vulnerability scanners often support a few application types, but not others. Still, they will all examine the application itself, as well as the paths a user needs to access it. For example, if a vulnerability scanner is used on a web application, the tool will take into account the various attack vectors a hacker might take. This includes a site’s navigation, regional access, privileges, and other factors decided by the user. From there, the scanner will output reports on specific vulnerabilities, compliance issues, and other operational flaws.

Networks — While software applications are often the most obvious use cases for vulnerability scanners, network vulnerability scanners are also quite common. These tools take into account the network itself, as well as computers, servers, mobile devices and any other asset accessing a network. This helps businesses identify vulnerable devices and abnormal behaviors within a network to identify and remediate issues as well as improve their network's security posture. Many even provide visual tools for mapping networks and their associated assets to simplify the management and prioritization of vulnerabilities requiring remediation.

Cloud environments — Not to be confused with cloud-based solutions delivered in a SaaS model, cloud vulnerability scanners examine cloud services, cloud computing environments, and integrated connections. Like network vulnerability scanners, cloud environments require an examination on a few levels. Cloud assets come in many forms including devices, domains, and instances; but all must be accounted for and scanned. In a properly secured cloud computing environment, integrations and API connections, assets, and environments must all be mapped, configurations must be monitored, and requirements must be enforced.

What are the Common Features of Vulnerability Scanner Software?

Vulnerability scanners can provide a wide range of features, but here are a few of the most common found in the market.

Network mapping — Network mapping features provide a visual representation of network assets including endpoints, servers, and mobile devices to intuitively demonstrate an entire network’s components.

Web inspection — Web inspection features are used to assess the security of a web application in the context of its availability. This includes site navigation, taxonomies, scripts, and other web-based operations that may impact a hacker’s abilities.

Defect trackingDefect and issue tracking functionality helps users discover and document vulnerabilities and track them to their source through the resolution process.

Interactive scanning — Interactive scanning or interactive application security testing features allow a user to be directly involved in the scanning process, watch tests in real time, and perform ad hoc tests.

Perimeter scanningPerimeter scanning will analyze assets connected to a network or cloud environment for vulnerabilities.

Black box testingBlack box scanning refers to tests conducted from the hacker’s perspective. Black box scanning examines functional applications externally for vulnerabilities like SQL injection or XSS.

Continuous monitoring — Continuous monitoring allows users to set it and forget it. They enable scanners to run all the time as they alert users of new vulnerabilities.

Compliance monitoringCompliance-related monitoring features are used to monitor data quality and send alerts based on violations or misuse.

Asset discovery — Asset discovery features unveil applications in use and trends associated with asset traffic, access, and usage.

Logging and reporting — Log documentation and reporting provides required reports to manage operations. It provides adequate logging to troubleshoot and support auditing.

Threat intelligence — Threat intelligence features integrate with or store information related to common threats and how to resolve them once incidents occur.

Risk analysis — Risk scoring and risk analysis features identify, score, and prioritize security risks, vulnerabilities, and compliance impacts of attacks and breaches.

Extensibility — Extensibility and integration features provide the ability to extend the platform or product to include additional features and functionalities.

Many vulnerability scanner tools will also offer the following features: 

Potential Issues with Vulnerability Scanner Software

False positives — False positives are one of the most common issues with security tools. They indicate a tool is not running efficiently and introduce lots of unnecessary labor. Users should examine figures related to specific products and their accuracy before purchasing a solution.

Integrations — Integrations can make an application or product do virtually anything, but only if the integration is supported. If a specific solution must be integrated or a specific data source is highly relevant, be sure it’s compatible with the vulnerability scanner before making that decision.

Scalability — Scalability is always important, especially for growing teams. Cloud and SaaS-based solutions are traditionally the most scalable, but desktop and open source tools may be as well. Scalability will be important for teams considering collaborative use, concurrent use, and multi-application and environment scanning.