Help the communities most affected by the California wildfires in only a few minutes. We'll donate $10 for every review you submit.

Best Security Risk Analysis Software

Security risk analysis software solutions are used by companies to analyze IT portfolios and address potential security issues. These tools monitor networks, applications, and infrastructure to identify vulnerabilities. They then provide users with recommendations to adopt additional security practices or solutions. Companies use these tools to ensure they have a well-rounded security plan and sufficient security technologies. These solutions may have some overlap with IT portfolio analysis software but are specifically targeted toward security operations and software.

To qualify for inclusion in the Security Risk Analysis software category, a product must:

  • Analyze a company’s security software, hardware, and operations
  • Inform users of known vulnerabilities or holes in their security plan
  • Provide recommendations to optimize security planning across IT systems
G2 Crowd Grid® for Security Risk Analysis
Leaders
High Performers
Contenders
Niche
Momentum Leaders
Momentum Score
Market Presence
Satisfaction
Filters
Star Rating

Security Risk Analysis reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

Compare Security Risk Analysis Software
Results: 47
    G2 Crowd takes pride in showing unbiased ratings on user satisfaction. G2 Crowd does not allow for paid placement in any of our ratings.
    Sort By:

    The global network of highly skilled researchers and analysts, protecting businesses from known and emerging malware - viruses, rootkits and spyware.


    Going beyond malware protection, F-Secure provides end-point protection and security management solutions. Developed in Europe for businesses around the globe.


    Qualys' integrated approach to IT security and compliance enables organizations of all sizes to successfully achieve both vulnerability management and policy compliance initiatives cohesively. Our solutions empower various roles within the organization to meet your unique requirements. Built on top of Qualys’ Infrastructure and Core Services, the Qualys Cloud Suite incorporates the following applications, all of which are delivered via the cloud: • AssetView • Vulnerability Management • Continuous Monitoring • ThreatPROTECT • Policy Compliance • Security Assessment Questionnaire • PCI Compliance • Web Application Scanning • Web Application Firewall • Malware Detection



    Cyberoam Unified Threat Management appliances, available as hardware and virtual appliances, offer comprehensive security to organizations.


    Tripwire is a provider of advanced threat, security and compliance solutions to confidently detect, prevent and respond to cybersecurity threats


    AlienVault USM Anywhere is a cloud-based security management solution that accelerates and centralizes threat detection, incident response, and compliance management for your cloud, hybrid cloud, and on-premises environments. USM Anywhere includes purpose-built cloud sensors that natively monitor your Amazon Web Services (AWS) and Microsoft Azure cloud environments. On premises, lightweight virtual sensors run on Microsoft Hyper-V and VMware ESXi to monitor your virtual private cloud and physical IT infrastructure. With USM Anywhere, you can rapidly deploy sensors into your cloud and on-premises environments while centrally managing data collection, security analysis, and threat detection from the AlienVault Secure Cloud. Five Essential Security Capabilities in a Single SaaS Platform AlienVault USM Anywhere provides five essential security capabilities in a single SaaS solution, giving you everything you need for threat detection, incident response, and compliance management—all in a single pane of glass. With USM Anywhere, you can focus on finding and responding to threats, not managing software. An elastic, cloud-based security solution, USM Anywhere can readily scale to meet your threat detection needs as your hybrid cloud environment changes and grows. 1. Asset Discovery 2. Vulnerability Assessment 3. Intrusion Detection 4. Behavioral Monitoring 5. SIEM



    Sophisticated, targeted attacks can take weeks, months or longer to discover and resolve. Incident response teams need tools that quickly uncover the full source and scope of an attack to reduce time-to-resolution, mitigate ongoing risk and further fortify the network. Like a security camera for the network, Blue Coat Security Analytics delivers full network security visibility, advanced network forensics, anomaly detection and real-time content inspection for all network activity. This effectively arms security and incident response teams to identify and detect advanced malware crossing the network and contain zero-day and advanced targeted attacks. A comprehensive record of all network activity lets you conduct swift forensic investigations, perform proactive incident response and resolve breaches in a fraction of the time.


    Change Tracker Gen7R2 solves IT Security and the problems that plague all organizations – the overwhelming noise of change control and ensuring the integrity of IT systems. Completely redesigned with both security and IT operations in mind, Change Tracker Gen7 R2 is the only solution designed to reduce change noise and the complexity of integrity monitoring and policy management all while allowing for unprecedented scalability and management that meets the most demanding enterprise environments. Gen7R2 enables organizations to: - Define the systems that need protection - Ensure those systems are secured, compliant and fit for purpose at all times - Provide intelligent change control to ensure systems remain in a ‘known secure and compliant state’ - Enable organizations to move projects securely from Development to Operations Gen7 R2 integrates with leading Service desks and Change Management solutions to reconcile the changes that are actually occurring within your environment with those that were expected and part of an approved Request for Change. Security and IT Service Management (ITSM) have traditionally observed and managed change in two very different ways. By linking the changes approved and expected within the ITSM world with those that are actually happening from a security perspective, SecureOps is delivered and underpins effective, ongoing security and operational availability. With Gen7R2 you have the ability to reduce change noise by more than 90%, leaving only changes that are unknown, unwanted, unexpected or potentially malicious in nature for further investigation.


    Azure Security Center provides security management and threat protection across your hybrid cloud workloads. It allows you to prevent, detect, and respond to security threats with increased visibility.


    Recorded Future delivers the only complete threat intelligence solution powered by patented machine learning to lower risk. We empower organizations to reveal unknown threats before they impact business, and enable teams to respond to alerts 10 times faster. To supercharge the efforts of security teams, our technology automatically collects and analyzes intelligence from technical, open, and dark web sources and aggregates customer-proprietary data. Recorded Future delivers more context than threat feeds, updates in real time so intelligence stays relevant, and centralizes information ready for human analysis, collaboration, and integration with security technologies. 91 percent of the Fortune 100 use Recorded Future.


    Tenable.io is the only cybersecurity company that empowers customers to gain control of their risk by knowing and prioritizing vulnerabilities across their entire attack surface including traditional, cloud, mobile and DevOps environments.


    Alert Logic Threat Manager with ActiveWatch is a cloud-based managed intrusion detection and vulnerability assessment solution.


    ARCON's Secure Compliance Management is a risk, security and Information Management tool used for automated risk assessment and analysis.


    Atomicorp OSSEC GUI is a PCI compliance software that provides security and log management for OSSEC.


    AttackTree is a vulnerability management software that helps predict hacking attacks and develop prevention schemes.


    Auditor Enterprise is a patch management software that automates reporting of configuration settings across business critical systems, applications, and databases.


    AVDS is a complete network scanning solution available in a broad product line. AVDS was designed for continent spanning networks with tens of thousands of IPs, but that same, powerful scanning engine is available in an entry level version for small networks run by a single administrator. It is also available as a hosted solution for the scanning of one to one thousand external IPs or web sites.


    Validate the security posture of your networks with real applications and a complete range of threat vectors


    Cryptosense provides state-of-the-art analysis software to help businesses eliminate the vulnerabilities caused by insecure use of cryptography in their applications and infrastructure.


    CyberInt developed the CybeReadiness Suite to enable CISOs and senior executives to continuously measure and monitor their organization’s cyber readiness. The suite simulates complex attack scenarios targeting your organization, all from the perspective of an attacker, validating your defense's efficiency in the face of current and emerging cyber threats.


    Cybergovernance Maturity Oversight Model (CMOM) is a SaaS platform that collects data on cybersecurity controls within an organization to generate information needed for directors and executive management to identify defensive weak spots, assign responsibility to managers, encourage inter-departmental collaboration and demonstrate active and evolving cybersecurity maturity.


    Wolters Kluwer’s ELM Solutions Cybersecurity Risk Assessment application is designed to help corporate legal departments manage IT security risk across their law firms and other legal service providers.


    Deepfence provides application layer intrusion prevention for modern workloads. Deepfence's Security as a Microservice gets deployed as a lightweight sidecar container on every host, and can be scaled and orchestrated in exactly the same manner as your other containers.


    FireMon is the No.1 Intelligent Security Management solution provider, combining advanced automation and analysis to deliver next-generation security intelligence to enterprise organizations, government agencies and managed security providers. The FireMon product suite enables network security and operations teams to more effectively manage their security infrastructure. Security Manager FireMon Security Manager provides continuous visibility into and control over network security devices and policies in large enterprise environments. Through web-based KPI dashboards, traffic flow analysis and network access mapping, the platform proactively delivers the intelligence IT security, network and compliance teams need to optimize their network device configurations, monitor and validate compliance and review and make policy changes. The addition of the following add-on modules expands the capabilities of Security Manager to include workflow automation and risk analysis. • Policy Planner automates change workflows and gives firewall administrators the necessary tools to evolve policy and protection over time. This web-based module collects user requirements, recommends rule changes, provides detailed risk assessment of requests changes and supports full system audits and verification. Policy Planner uses the BPMN standard, integrating with existing business-process tools and enabling communication throughout the change process. • Policy Optimizer automates the rule review and recertification process. With Policy Optimizer, IT teams can identify troublesome rules, understand why they were created and determine if they remain relevant. The automated workflow generates event-driven or ad hoc rule review, validates rule justification with the policy owner and quantifies the risk of the requested changes so they do not impact service • Risk Analyzer reduces risk by proactively analyzing your network infrastructure, then simulating how attackers might gain access through vulnerabilities in business assets. Risk Analyzer allows IT teams to quickly assess the impact of a potential attack, where multiple exploits can be used in combination and how prepared network defenses are to defeat an attack. Immediate Insight Immediate Insight from FireMon is a real-time security analytics software that brings the speed and simplicity of a search engine to data analysis and discovery. It merges machine learning, correlation and natural language in a simple, workflow-centric interface to reveal relationships in the data that users may not have even known to look for.


    FortifyData offers a clear and accurate analysis of cyber risks through a risk scoring platform. Using statistical analysis and continuous monitoring of a company’s network and application layer, dark web search discoveries, IP reputation, and breach history records, companies can now understand their current cyber risk posture using our easy to understand scoring model ranging from 300 to 900.


    Want to know if your system has malware? bDiscover has found a way to use software behavior in structured disassembly to reduce your time and ultimately your cost.


    Continuously identify and assess risk across your cloud, virtual, remote, local, and containerized infrastructure. Leverage unparalleled attacker analytics to prioritize vulns more precisely with a Real Risk score that goes beyond just CVSS. Break down the silos between IT, security, and development to streamline and automate remediation efforts.


    Kenna is a software-as-a-service Risk and Vulnerability Intelligence platform that measures risk and prioritizes remediation efforts before an attacker can exploit an organization's weaknesses, it automates the correlation of vulnerability data, threat data, and 0-day data, analyzing security vulnerabilities against active Internet breaches so that InfoSec teams can prioritize remediations and report on their overall risk posture.


    Layered Insight, the pioneer and global leader in Container Native Application Protection, enables organizations to unify DevOps and SecOps by providing complete visibility and control of containerized applications.


    MaxPatrol is an all-in-one vulnerability management solution designed to provide vulnerability and compliance management for applications, databases, network and operating systems, as well as ERP (SAP), ICS/SCADA, Core Telecom and Banking infrastructure.


    Allows connection with external SAF compliant security systems. Available for Natural on mainframe. Read more


    Built for security practitioners, by security professionals, Nessus Professional is the de-facto industry standard for vulnerability assessment. Nessus performs point-in-time assessments to help security professionals quickly and easily identify and fix vulnerabilities, including software flaws, missing patches, malware, and misconfigurations - across a variety of operating systems, devices and applications. With features such as pre-built policies and templates, customizable reporting, group “snooze” functionality, and real-time updates, Nessus is designed to make vulnerability assessment simple, easy and intuitive. The result: less time and effort to assess, prioritize, and remediate issues.


    Quickly identifies undiscovered vulnerabilities, so you can stay secure, harden your networks and prevent attacks in minutes.


    NopSec Unified Vulnerability Risk Management (VRM) correlates vulnerability data with your IT environment and attack patterns in the wild to help you avoid false positives and find the threats that matter. Unified VRM prioritizes security vulnerabilities based on business risk and context with proprietary threat prediction models and cyber intelligence – including malware, exploit, patching and social media feeds to predict the true probability of attacks. It replaces manual remediation tasks with automated workflow, integrated communication capabilities and incident management – guided by rich visualization dashboards for easy reporting on current status.


    OneSpan Risk Analytics achieves the twin goal of strong security and optimal user experience. It analyzes vast mobile, application and transaction data, in real-time, to effectively detect fraud and dynamically step up security to stop fraudulent transactions, improving the customer experience and defeating sophisticated fraud.


    Prevalent's comprehensive third party risk management (TPRM) platform helps your organization proactively manage third party risk through understanding that "one size does not fit all". Our integrated suite of solutions includes automated assessment software, continuous threat monitoring, and innovative vendor evidence sharing networks.


    RedSeal helps customers understand their network from the inside out – providing actionable intelligence, situational awareness and a Digital Resilience Score to help enterprises measure and improve their resilience.


    BeyondTrust Retina CS is the only vulnerability management solution designed from the ground up to provide organizations with context-aware vulnerability assessment and risk analysis. Retina’s results-driven architecture works with users to proactively identify security exposures, analyze business impact, and plan and conduct remediation across network, web, mobile, cloud, virtual, and IoT infrastructure. - Discover network, web, mobile, cloud, virtual, and IoT infrastructure - Profile asset configuration and risk potential - Pinpoint vulnerabilities, malware and attacks - Analyze threat potential, return on remediation and more - Isolate high-risk assets through advanced threat analytics - Remediate vulnerabilities through integrated patch management - Report on vulnerabilities, compliance, benchmarks, etc - Protect endpoints against client-side attacks Learn more: https://www.beyondtrust.com/products/retina-cs/


    Secudit combines user behavior monitoring, penetration testing, and cyber-threat intelligence to provide an enterprise with an ongoing assessment of enterprise IT cyber-security vulnerability.


    Secure Configuration Manager helps you to proactively enforce security configuration policy across critical systems in evolving IT environments.


    SecurityScorecard helps enterprises gain operational command of their security posture and the security posture of their ecosystems through continuous, non-intrusive monitoring. The company’s approach to security focuses on identifying vulnerabilities from an outside-in perspective, the same way a hacker would. SecurityScorecard’s proprietary SaaS platform offers an unmatched breadth and depth of critical data points including a broad range of risk categories such as Web, Application Security, Patching Cadence, Network Security, Hacker Chatter, Social Engineering, and Leaked Credentials, DNS Health, Endpoint Security, IP Reputation and Cubit Score.


    Threat–centric vulnerability management (TCVM) from Skybox™ Security is the best approach to managing and prioritizing vulnerabilities. Using up-to-date intelligence of your network and threats, Skybox gives you the power to target action where it matters most and be proactive against the threats of ransomware, malware, exploit kits and targeted attacks. Skybox prioritizes vulnerabilities the smart way, putting imminent threats at the top of your to-do list and helping you systematically deal with potential threats over time. Skybox looks for vulnerabilities which are: • Exposed, based on your network and security controls • Exploited in the wild or used in attacks on your industry or geography • Known to have an exploit code published • In your network but have no known exploit With attack surface visualization, vulnerability and threat intelligence and attack vector analytics, TCVM gives you the tools and context needed to pinpoint vulnerabilities posing real risk, and fix them immediately. Be ready for the next WannaCry, Heartbleed or whatever comes along with a vulnerability management program that can meet the threats of today and adapt to those of the future. To see the full suite of solutions Skybox has to offer, visit www.skyboxsecurity.com, start your 30-day free product tour or schedule a demo with your Skybox Representative today.


    The CyberStrong Platform implements the language of cyber for the future of business. Empower your team to streamline continuous compliance and risk management with CyberStrong's unparalleled time-to-value, breakthrough AI and Machine Learning, and agile workflow. Get instant visibility into any combination of compliance standards and experience what immediate cybersecurity ROI feels like.


    Veriflow brings formal verification to network infrastructure for the first time, continuously ensuring your network operates as intended.


    Threatcare's Violet is the only cloud-based automated cybersecurity assessment platform that enables continuous security validation.