Vulnerability management software performs cyclical monitoring tasks to identify, diagnose, and remedy network threats such as hackers, viruses, or malware. Businesses will use vulnerability management tools to constantly test their network’s security and identify threats. IT managers and administrators use vulnerability management to automate tests and monitoring tasks required to maintain a secure network. Once a threat is detected, vulnerability management software will either alert administrators, remedy issues automatically, or install a patch to alter security policies. Vulnerability management products share many features with data security, network security, and web security tools. But vulnerability management tools are focused solely on the identification and management of network threats.
To qualify for inclusion in the Vulnerability Management category, a product must:
Vulnerability Management reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.
Unified Security Management (USM) is AlienVault’s comprehensive approach to security monitoring, delivered in a unified platform. The USM platform includes five core security capabilities that provide resource-constrained organizations with all the security essentials needed for effective threat detection, incident response, and compliance, in a single pane of glass. Designed to monitor cloud, hybrid cloud and on-premises environments, AlienVault USM significantly reduces complexity and reduces deployment time so that users can go from installation to first insight in minutes for the fastest threat detection. Unlike traditional security point technologies, AlienVault Unified Security Management does the following: - Unifies essential security controls into a single all-in-one security monitoring solution - Monitors your cloud, hybrid cloud, and on-premises infrastructure - Delivers continuous threat intelligence to keep you aware of threats as they emerge and change - Provides comprehensive threat detection and actionable incident response directives - Deploys quickly, easily, and with minimal effort - Reduces TCO over traditional security solutions
Qualys' integrated approach to IT security and compliance enables organizations of all sizes to successfully achieve both vulnerability management and policy compliance initiatives cohesively. Our solutions empower various roles within the organization to meet your unique requirements. Built on top of Qualys’ Infrastructure and Core Services, the Qualys Cloud Suite incorporates the following applications, all of which are delivered via the cloud: • AssetView • Vulnerability Management • Continuous Monitoring • ThreatPROTECT • Policy Compliance • Security Assessment Questionnaire • PCI Compliance • Web Application Scanning • Web Application Firewall • Malware Detection
SolarWinds Patch Manager integrates with WSUS and Microsoft update agent, and automatically updates Windows patches based on custom schedules. In addition, you can create different patching schedules for different business groups within the organization per custom requirements.
SiteLock, the global leader in website security solutions, is the only provider to offer complete, cloud-based website protection. Its 360-degree monitoring detects and fixes threats, prevents future attacks, accelerates website performance, and meets PCI compliance standards for businesses of all sizes. Founded in 2008, the company protects over 12 million websites worldwide. For more information, please visit sitelock.com.
Log & Event Manager (LEM) is an ACTIVE monitoring SIEM solution that automatically detects, alerts and responds to suspicious behavior on multi-vendor network devices, servers, workstations and applications. LEM comes as a downloadable virtual appliance for quick deployment, and enables threat intelligence and real-time event correlations right out-of-the-box enabling faster response to cyber-attacks.
REVE Antivirus is an IT Security software for home users and enterprises that provides protection from virus, spyware and other malware providing complete digital security it has anti-rootkit, Anti-spam, Data Theft Protection and Parental Control with Live notification.
NNT Change Tracker Generation 7 uses either an agent-based or agentless architecture – the choice is yours. After initial discovery, NNT-Change Tracker scans your devices and compares them to a standard policy. The policy applied will either be user defined or based on an industry standard such as the Center for Internet Security (CIS). Policies can be automatically assigned based on the device type or priority via a centrally managed console. NNT analyses every configurable component within your IT Estate and allows you to define a ‘Known, Good, Secure and Compliant State’ for all of your in scope systems. Once IT systems are rendered ‘Provably Secure, Compliant & Malware Free’, NNT Change Tracker monitors for any deviations to both policy and state. Changes are intelligently categorized as either planned or unplanned and automated threat intelligence feeds provide ultimate reassurance that changes are acceptable and malware free. NNT-Change Tracker is able to fully automate change approval for you, using our unique intelligent change control knowledge base and whitelist. And now you can use the NNT FAST™ (File Approved-Safe technology) Cloud to do just this, in real-time. NNT Change Tracker utilizes a unique change control system known as ‘Closed Loop Intelligent Change Control’. This ensures that what actually changed, matches the expected approved change profile. NNT Change Tracker learns over time, which changes within your environment are normal and which are abnormal and is able to apply threat-based logic to the automation of change approvals. The result is a massive reduction in false positives making the process of both ‘stopping and spotting’ a breach vastly more straightforward. Any configuration drift can also be automatically remediated using the inbuilt remediation kit leveraging CIS or any other policy standard. With NNT’s real-time capabilities, unlike traditional scanning or exclusively agentless technologies, potential breaches to systems or policies are spotted immediately.
Automoxs cloud-based solution simplifies patching and configuration management across Windows, Linux, Mac OS X, and 3rd party software. Automox provides IT managers and sysadmins with a patching system of record to track, control, and manage their patching process, providing greater security, improved productivity, and significant time savings. Automox is designed to complement your environment, whether you need a new patching solution or want to improve your existing patch workflow.
Managed Workplace is a complete remote monitoring and network management platform with powerful, integrated security tools and services. With Managed Workplace, service providers can quickly assess vulnerabilities, secure weak points, monitor anomalies, and seamlessly recover data in the event of an attack — all from a single dashboard. Managed Workplace brings a cost-effective, multi-tenant security lens to remote monitoring management — enabling MSPs to grow their business, differentiate their services, and build customer loyalty.
The Predictive Abuse-Prevention Solution for Email Service Providers BlackBox is the world's most comprehensive resource for finding potentially problematic email addresses, allowing ESPs to preemptively score the quality of their senders' lists and manage senders more effectively.
DashO is a Java and Android Obfuscator plus much more. It provides enterprise-grade app hardening and shielding, greatly reducing the risk of intellectual property theft, data theft, piracy, and tampering. Our layered obfuscation, encryption, watermarking, auto-expiry, anti-debug, anti-tampering, anti-rooted device solution provides protection for applications all around the world.
OUTSCAN™ is an automated vulnerability management solution that scans and secures external networks, allowing companies to protect sensitive data. It analyzes perimeters, detects vulnerabilities, notifies organizations and gives remediation solutions to prevent cybercriminals from penetrating their networks. OUTSCAN™ can fit any size organizations. It is easily deployable as a SaaS solution, but Outpost24 security experts can implement it if needed. Finally, the customer support is available 24/7 to answer every questions and help organizations managing their vulnerabilities and securing their external networks. Know more > https://outpost24.com/external-network-security
Everyone uses the internet, both the good guys and bad guys. RiskIQ catalogs, maps, and enriches the structure of the internet to let you take charge of your digital presence and combat threats to your organization. Our four key products that make up our Digital Threat Management suite include RiskIQ Digital Footprint, External Threats, PassiveTotal, and Security Intelligence Services.
Appknox is a cloud-based mobile app security solution that helps businesses and developers detect and resolve security issues in their apps, in just a few minutes and without access to any source code. Appknox uses a device farm of real devices to test your apps for over 80 security test cases resulting in a report that lays down actionable insights for developers to be able to build a secure app.
AVDS is a complete network scanning solution available in a broad product line. AVDS was designed for continent spanning networks with tens of thousands of IPs, but that same, powerful scanning engine is available in an entry level version for small networks run by a single administrator. It is also available as a hosted solution for the scanning of one to one thousand external IPs or web sites.
Sophisticated, targeted attacks can take weeks, months or longer to discover and resolve. Incident response teams need tools that quickly uncover the full source and scope of an attack to reduce time-to-resolution, mitigate ongoing risk and further fortify the network. Like a security camera for the network, Blue Coat Security Analytics delivers full network security visibility, advanced network forensics, anomaly detection and real-time content inspection for all network activity. This effectively arms security and incident response teams to identify and detect advanced malware crossing the network and contain zero-day and advanced targeted attacks. A comprehensive record of all network activity lets you conduct swift forensic investigations, perform proactive incident response and resolve breaches in a fraction of the time.
bugScout is a next-gen SAST platform for detecting vulnerabilities in application and website source codes, designed by ethical hackers and cybersecurity analysts coming out of Deloitte’s European cyberthreat SOC competency center. Today, source code security audits are snapshots that define the status at a point in time and deliver reports that are already out of date by the time they are finished because the development process is continuous. With its fast performance and scalability, bugScout enables continuous source code analysis. Security audits can keep pace with the speed of the development process, and role-based reports facilitate communications between security analysts and developers to help identify vulnerabilities, pinpoint the causes and remediate the problems.
Insignary Clarity enables proactive scanning of embedded firmware or any binaries for known, preventable security vulnerabilities, and also identifies potential license compliance issues. Clarity uses unique fingerprinting technology, which works on the binary without the source code or reverse engineering, making it simple for companies to take proper, preventive action before the deployment of their products.
Cobalt's Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. Fueled by our global talent pool of certified freelancers, Cobalt's crowdsourced SaaS pen test platform delivers actionable results that empower agile teams to pinpoint, track, and remediate software vulnerabilities. Hundreds of organizations now benefit from high quality pen test findings, faster remediation times, and higher ROI for their pen test budget.
Code Dx’s automated application vulnerability correlation shaves weeks off that process so you can get right to fixing your code. Its vulnerability management lets you quickly prioritize vulnerabilities (to fix the most important ones first), track progress of their remediation, and observe how your code's security changes over time.
Continuity Engine ("CE") is a business continuity software that protects your most mission-critical applications with a goal of zero downtime. Beyond HA or replication, CE takes a proactive approach with true continuous data protection. CE delivers near-zero recovery times by monitoring the health of your applications and instantly failing over if a threat is detected. Simply put, we can help you prepare for and protect your applications, servers, and data from disaster and unplanned outages.
CyberInt developed the CybeReadiness Suite to enable CISOs and senior executives to continuously measure and monitor their organization’s cyber readiness. The suite simulates complex attack scenarios targeting your organization, all from the perspective of an attacker, validating your defense's efficiency in the face of current and emerging cyber threats.
Cybergovernance Maturity Oversight Model (CMOM) is a SaaS platform that collects data on cybersecurity controls within an organization to generate information needed for directors and executive management to identify defensive weak spots, assign responsibility to managers, encourage inter-departmental collaboration and demonstrate active and evolving cybersecurity maturity.
DarkMatter's Cyber Network Defence division provides sophisticated active defence solutions, including assessments, penetration testing, threat hunting, and incident readiness and response services to help organisations unify and strengthen their security programmes.
Digital Defense is a cloud-based network & information security that helps organizations establish a culture of security through regular information security assessments, awareness education and decisive security intelligence to reduce risk and keep information, intellectual property and reputations secure.
Trend Micro Endpoint Encryption encrypts data on a wide range of devices, both PCs and Macs, laptops and desktops, USB drives, and other removable media. This solution combines enterprise-wide full disk, file/folder, and removable media encryption to prevent unauthorized access and use of private information.
FireMon is the No.1 Intelligent Security Management solution provider, combining advanced automation and analysis to deliver next-generation security intelligence to enterprise organizations, government agencies and managed security providers. The FireMon product suite enables network security and operations teams to more effectively manage their security infrastructure. Security Manager FireMon Security Manager provides continuous visibility into and control over network security devices and policies in large enterprise environments. Through web-based KPI dashboards, traffic flow analysis and network access mapping, the platform proactively delivers the intelligence IT security, network and compliance teams need to optimize their network device configurations, monitor and validate compliance and review and make policy changes. The addition of the following add-on modules expands the capabilities of Security Manager to include workflow automation and risk analysis. • Policy Planner automates change workflows and gives firewall administrators the necessary tools to evolve policy and protection over time. This web-based module collects user requirements, recommends rule changes, provides detailed risk assessment of requests changes and supports full system audits and verification. Policy Planner uses the BPMN standard, integrating with existing business-process tools and enabling communication throughout the change process. • Policy Optimizer automates the rule review and recertification process. With Policy Optimizer, IT teams can identify troublesome rules, understand why they were created and determine if they remain relevant. The automated workflow generates event-driven or ad hoc rule review, validates rule justification with the policy owner and quantifies the risk of the requested changes so they do not impact service • Risk Analyzer reduces risk by proactively analyzing your network infrastructure, then simulating how attackers might gain access through vulnerabilities in business assets. Risk Analyzer allows IT teams to quickly assess the impact of a potential attack, where multiple exploits can be used in combination and how prepared network defenses are to defeat an attack. Immediate Insight Immediate Insight from FireMon is a real-time security analytics software that brings the speed and simplicity of a search engine to data analysis and discovery. It merges machine learning, correlation and natural language in a simple, workflow-centric interface to reveal relationships in the data that users may not have even known to look for.
FortifyData offers a clear and accurate analysis of cyber risks through a risk scoring platform. Using statistical analysis and continuous monitoring of a company’s network and application layer, dark web search discoveries, IP reputation, and breach history records, companies can now understand their current cyber risk posture using our easy to understand scoring model ranging from 300 to 900.
IBM i2 Enterprise Insight Analysis helps your organization turn overwhelming and disparate data into actionable insight and intelligence, in near real time. From national security and defense, to cyber and enterprise-wide threats, the solution helps you develop a comprehensive understanding of your threat landscape to identify vulnerabilities and disrupt threats.
ImmuniWeb combines managed vulnerability scanning with manual penetration testing in real-time. The unique hybrid approach assures the highest vulnerability detection rate, accuracy and reliability. While proprietary machine-learning technology assures scalability and cost-effectiveness. With ImmuniWeb web security testing becomes affordable and available to companies of all sizes, enabling them to secure their websites and web applications with just few clicks.
iTrust provides cybersecurity risk ratings and risk intelligence to help businesses build trusted relationships with their vendors, partners, and suppliers. iTrust collects and analyzes third-party risk metrics using machine learning to deliver 360 vendor security and compliance visibility. iTrust is designed to be the world's most intelligent cyber risk rating and threat intelligence platform.
ManageEngine Patch Manager scans endpoints to detect missing patches, tests patches before deployment to mitigate security risks automates patch deployment to OS and 3rd party applications, audits and reports for better visibility and control.
Dotfuscator is a .NET Obfuscator & much more. It provides enterprise-grade app protection, greatly reducing the risk of piracy, intellectual property theft and tampering. Our layered obfuscation, encryption, watermarking, auto-expiry, anti-debug, anti-tampering and alerting and defense technology provides protection for hundreds of thousands of applications around the world.
Network Security Task Manager securely protects Windows networks from sophisticated malware not detected by traditional security solutions. Today malware is diverse and numerous. Thousands of potential spyware, Trojans, keyloggers and spybots endanger the safety of your private and business information. The constant development of malware techniques makes traditional signature-based systems quite ineffective in detecting new and emerging threats. The innovative solution by Neuber Software - Network Security Task Manager - is an must-have for proper Windows network protection. Network Security Task Manager is based on behavior and code analysis. It protects Windows networks from industrial espionage, sabotage and security-critical software, informing you about active malware on networked computers in real time mode. This compact and fast tool analyzes Windows processes running on networked computers and shows a unique security risk rating for each process. Besides, Network Security Task Manager displays full directory path and file name of a certain process, its description and manufacturer, computers the process runs on and embedded hidden functions, such as keyboard monitoring or browser supervision. It should be noted that Network Security Task Manager stands out from other behavior-based programs. Apart from providing an easy overview about running processes on networked computers it has some major advantages over similar tools. Network Security Task Manager needs no installation, no setup, and no updates. The user license is unlimited, and after a single payment no additional subscription fees are imposed. The price is reasonable and depends on the number of computers that are monitored. The price of unlimited user license depends on the number of computers monitored, e.g. 20 USD per client for 5 clients or 8 USD per client for 100 clients. See more details on http://www.neuber.com/network-taskmanager/
NopSec Unified Vulnerability Risk Management (VRM) correlates vulnerability data with your IT environment and attack patterns in the wild to help you avoid false positives and find the threats that matter. Unified VRM prioritizes security vulnerabilities based on business risk and context with proprietary threat prediction models and cyber intelligence – including malware, exploit, patching and social media feeds to predict the true probability of attacks. It replaces manual remediation tasks with automated workflow, integrated communication capabilities and incident management – guided by rich visualization dashboards for easy reporting on current status.
At the heart of the Platform are a set of core capabilities including multi-dimensional data analysis, behavioral analytics, continuous risk assessment, adaptive response enforcement and a robust and flexible policy engine. These capabilities help to power the Platform for delivering a scalable set of applications that help customers prevent threats and support broad set of use cases. The applications include:
Prevalent's comprehensive third party risk management (TPRM) platform helps your organization proactively manage third party risk through understanding that "one size does not fit all". Our integrated suite of solutions includes automated assessment software, continuous threat monitoring, and innovative vendor evidence sharing networks.
BeyondTrust Retina CS is the only vulnerability management solution designed from the ground up to provide organizations with context-aware vulnerability assessment and risk analysis. Retina’s results-driven architecture works with users to proactively identify security exposures, analyze business impact, and plan and conduct remediation across network, web, mobile, cloud, virtual, and IoT infrastructure. - Discover network, web, mobile, cloud, virtual, and IoT infrastructure - Profile asset configuration and risk potential - Pinpoint vulnerabilities, malware and attacks - Analyze threat potential, return on remediation and more - Isolate high-risk assets through advanced threat analytics - Remediate vulnerabilities through integrated patch management - Report on vulnerabilities, compliance, benchmarks, etc - Protect endpoints against client-side attacks Learn more: https://www.beyondtrust.com/products/retina-cs/
RiskRate delivers a robust solution for your third-party risk management and enterprise due diligence program. Execute on your risk-based third-party risk management program with centralized onboarding, screening and continuous third party monitoring.
SecurityScorecard helps enterprises gain operational command of their security posture and the security posture of their ecosystems through continuous, non-intrusive monitoring. The company’s approach to security focuses on identifying vulnerabilities from an outside-in perspective, the same way a hacker would. SecurityScorecard’s proprietary SaaS platform offers an unmatched breadth and depth of critical data points including a broad range of risk categories such as Web, Application Security, Patching Cadence, Network Security, Hacker Chatter, Social Engineering, and Leaked Credentials, DNS Health, Endpoint Security, IP Reputation and Cubit Score.
Threat–centric vulnerability management (TCVM) from Skybox™ Security is the best approach to managing and prioritizing vulnerabilities. Using up-to-date intelligence of your network and threats, Skybox gives you the power to target action where it matters most and be proactive against the threats of ransomware, malware, exploit kits and targeted attacks. Skybox prioritizes vulnerabilities the smart way, putting imminent threats at the top of your to-do list and helping you systematically deal with potential threats over time. Skybox looks for vulnerabilities which are: • Exposed, based on your network and security controls • Exploited in the wild or used in attacks on your industry or geography • Known to have an exploit code published • In your network but have no known exploit With attack surface visualization, vulnerability and threat intelligence and attack vector analytics, TCVM gives you the tools and context needed to pinpoint vulnerabilities posing real risk, and fix them immediately. Be ready for the next WannaCry, Heartbleed or whatever comes along with a vulnerability management program that can meet the threats of today and adapt to those of the future. To see the full suite of solutions Skybox has to offer, visit www.skyboxsecurity.com, start your 30-day free product tour or schedule a demo with your Skybox Representative today.
SOCVue Vulnerability Management is a service that helps reduce attack surface by proactively identifying vulnerabilities across IT environment, prioritizing them based on business impact and risk, and providing remediation guidance to save significant time and reducing operational costs.
SWAT (the Secure Web Application Tactics) is a continuous vulnerability management solution. Its allows a full vulnerability coverage thanks to the association of vulnerability scanning tools and Outpost24 experienced security technicians. SWAT adjusts its scanning to new threats discovered and adapts to any changes in the application. All deployment and maintenance is performed by Outpost24 experts team. Companies can stay focused on their core activity, Outpost24 takes care of their web application security. Customer support is available 24/7. Know more > https://outpost24.com/swat
The CyberStrong Platform implements the language of cyber for the future of business. Empower your team to streamline continuous compliance and risk management with CyberStrong's unparalleled time-to-value, breakthrough AI and Machine Learning, and agile workflow. Get instant visibility into any combination of compliance standards and experience what immediate cybersecurity ROI feels like.
VMRay Analyzer provides best-in-class threat detection and mitigation capabilities, a fast and powerful tool for a rapidly evolving threat landscape. Unlike traditional malware analysis systems, VMRay Analyzer cannot be evaded by malware because of its unique hypervisor-based approach – nothing is modified in the target environment being monitored.