Vulnerability management software performs cyclical monitoring tasks to identify, diagnose, and remedy network threats such as hackers, viruses, or malware. Businesses will use vulnerability management tools to constantly test their network’s security and identify threats. IT managers and administrators use vulnerability management to automate tests and monitoring tasks required to maintain a secure network. Once a threat is detected, vulnerability management software will either alert administrators, remedy issues automatically, or install a patch to alter security policies. Vulnerability management products share many features with data security, network security, and web security tools. But vulnerability management tools are focused solely on the identification and management of network threats.
To qualify for inclusion in the Vulnerability Management category, a product must:
Vulnerability Management reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.
Consultants and organizations around the world use Nessus® Professional to reduce their IT attack surface and ensure compliance. Nessus features high-speed asset discovery, configuration auditing, target profiling, malware detection, sensitive data discovery and more. Nessus supports more technologies than competitive solutions, scanning operating systems, network devices, next generation firewalls, hypervisors, databases, web servers and critical infrastructure for vulnerabilities, threats and compliance violations. With the world’s largest continuously updated library of vulnerability and configuration checks, and the support of Tenable’s expert vulnerability research team, Nessus sets the standard for vulnerability scanning speed and accuracy.
Qualys' integrated approach to IT security and compliance enables organizations of all sizes to successfully achieve both vulnerability management and policy compliance initiatives cohesively. Our solutions empower various roles within the organization to meet your unique requirements. Built on top of Qualys’ Infrastructure and Core Services, the Qualys Cloud Suite incorporates the following applications, all of which are delivered via the cloud: • AssetView • Vulnerability Management • Continuous Monitoring • ThreatPROTECT • Policy Compliance • Security Assessment Questionnaire • PCI Compliance • Web Application Scanning • Web Application Firewall • Malware Detection
SolarWinds Patch Manager integrates with WSUS and Microsoft update agent, and automatically updates Windows patches based on custom schedules. In addition, you can create different patching schedules for different business groups within the organization per custom requirements.
Netsparker develops an industry leading automated web application security solution. Available as Windows software, online and on-premises service, the Netsparker scanner can automatically detect SQL Injection, Cross-site Scripting and other vulnerabilities in any type of modern HTML5, Single Page Application (SPA), Web 2.0 web application and web services, regardless of the technology they are built with. The Netsparker scanner does not just report the vulnerabilities, it also generates a proof of exploit confirming they are real and not false positives. Therefore you do not have to waste time manually verifying the scanner’s findings and can easily scale up web application security and scan thousands of websites within a matter of hours. Netsparker is trusted and used by world renowned companies such as Samsung, Ernst & Young, Skype, NASA, ISACA and ING Bank.
AlienVault USM Anywhere is a cloud-based security management solution that accelerates and centralizes threat detection, incident response, and compliance management for your cloud, hybrid cloud, and on-premises environments. USM Anywhere includes purpose-built cloud sensors that natively monitor your Amazon Web Services (AWS) and Microsoft Azure cloud environments. On premises, lightweight virtual sensors run on Microsoft Hyper-V and VMware ESXi to monitor your virtual private cloud and physical IT infrastructure. With USM Anywhere, you can rapidly deploy sensors into your cloud and on-premises environments while centrally managing data collection, security analysis, and threat detection from the AlienVault Secure Cloud. Five Essential Security Capabilities in a Single SaaS Platform AlienVault USM Anywhere provides five essential security capabilities in a single SaaS solution, giving you everything you need for threat detection, incident response, and compliance management—all in a single pane of glass. With USM Anywhere, you can focus on finding and responding to threats, not managing software. An elastic, cloud-based security solution, USM Anywhere can readily scale to meet your threat detection needs as your hybrid cloud environment changes and grows. 1. Asset Discovery 2. Vulnerability Assessment 3. Intrusion Detection 4. Behavioral Monitoring 5. SIEM
Sophisticated, targeted attacks can take weeks, months or longer to discover and resolve. Incident response teams need tools that quickly uncover the full source and scope of an attack to reduce time-to-resolution, mitigate ongoing risk and further fortify the network. Like a security camera for the network, Blue Coat Security Analytics delivers full network security visibility, advanced network forensics, anomaly detection and real-time content inspection for all network activity. This effectively arms security and incident response teams to identify and detect advanced malware crossing the network and contain zero-day and advanced targeted attacks. A comprehensive record of all network activity lets you conduct swift forensic investigations, perform proactive incident response and resolve breaches in a fraction of the time.
Symantec Patch Management Solution allows you to proactively manage patches and software updates by automating the collection, analysis, and delivery of patches across your enterprise. The solution can significantly help you decrease the costs involved in testing and delivering patches to protect your environment.
NNT Change Tracker Generation 7 uses either an agent-based or agentless architecture – the choice is yours. After initial discovery, NNT-Change Tracker scans your devices and compares them to a standard policy. The policy applied will either be user defined or based on an industry standard such as the Center for Internet Security (CIS). Policies can be automatically assigned based on the device type or priority via a centrally managed console. NNT analyses every configurable component within your IT Estate and allows you to define a ‘Known, Good, Secure and Compliant State’ for all of your in scope systems. Once IT systems are rendered ‘Provably Secure, Compliant & Malware Free’, NNT Change Tracker monitors for any deviations to both policy and state. Changes are intelligently categorized as either planned or unplanned and automated threat intelligence feeds provide ultimate reassurance that changes are acceptable and malware free. NNT-Change Tracker is able to fully automate change approval for you, using our unique intelligent change control knowledge base and whitelist. And now you can use the NNT FAST™ (File Approved-Safe technology) Cloud to do just this, in real-time. NNT Change Tracker utilizes a unique change control system known as ‘Closed Loop Intelligent Change Control’. This ensures that what actually changed, matches the expected approved change profile. NNT Change Tracker learns over time, which changes within your environment are normal and which are abnormal and is able to apply threat-based logic to the automation of change approvals. The result is a massive reduction in false positives making the process of both ‘stopping and spotting’ a breach vastly more straightforward. Any configuration drift can also be automatically remediated using the inbuilt remediation kit leveraging CIS or any other policy standard. With NNT’s real-time capabilities, unlike traditional scanning or exclusively agentless technologies, potential breaches to systems or policies are spotted immediately.
Insignary Clarity enables proactive scanning of embedded firmware or any binaries for known, preventable security vulnerabilities, and also identifies potential license compliance issues. Clarity uses unique fingerprinting technology, which works on the binary without the source code or reverse engineering, making it simple for companies to take proper, preventive action before the deployment of their products.
Website Threat Inspector (WTI) utilizes data, white hat penetration testing, and machine learning to provide an all-in-one security solution for domains and other online assets. WTI detects web vulnerabilities, illicit content, webpage defacement and backdoors to prevent possible financial loss caused by damage to your brand reputation
Automoxs cloud-based solution simplifies patching and configuration management across Windows, Linux, Mac OS X, and 3rd party software. Automox provides IT managers and sysadmins with a patching system of record to track, control, and manage their patching process, providing greater security, improved productivity, and significant time savings. Automox is designed to complement your environment, whether you need a new patching solution or want to improve your existing patch workflow.
Organizations worldwide use Black Duck’s industry-leading products to secure and manage open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, Vancouver, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com. com.
ConnectWise Automate third party patch management allows you to audit, patch, document, and even bill for third party application updates. All third party patch definitions are deployed following best practices, with automatic daily downloads ensuring you always patch to the latest version. Administrative time is significantly reduced so your technicians can focus their attention elsewhere.
IBM i2 Enterprise Insight Analysis helps your organization turn overwhelming and disparate data into actionable insight and intelligence, in near real time. From national security and defense, to cyber and enterprise-wide threats, the solution helps you develop a comprehensive understanding of your threat landscape to identify vulnerabilities and disrupt threats.
ImmuniWeb® AI Platform for Application Security leverages Machine Learning and AI for intelligent automation and acceleration of Application Security Testing (AST). Complemented by scalable and cost-effective manual testing, it detects the most sophisticated vulnerabilities and comes with a zero false-positives SLA. ImmuniWeb® Discovery is a part of the ImmuniWeb AI Platform for Application Security. Leveraging big data and a non-intrusive OSINT reconnaissance technology, it quickly builds a comprehensive list of your external web and mobile apps for actionable inventory, continuous monitoring, risk and compliance management.
LOGINCAT IS THE WORLD'S FIRST COMPREHENSIVE CYBERSECURITY SUITE, AI AND ZERO TRUST BASED. Cybersecurity is an increasingly critical issue. There is a hacker attack every 39 seconds. Prevent hacking and malware attacks with a robust, based on zero trust cybersecurity solution - LoginCat. From AI Based to Zero Day Exploits, LoginCat keeps you secure from all kinds of Cyberattacks.
OUTSCAN™ is an automated vulnerability management solution that scans and secures external networks, allowing companies to protect sensitive data. It analyzes perimeters, detects vulnerabilities, notifies organizations and gives remediation solutions to prevent cybercriminals from penetrating their networks. OUTSCAN™ can fit any size organizations. It is easily deployable as a SaaS solution, but Outpost24 security experts can implement it if needed. Finally, the customer support is available 24/7 to answer every questions and help organizations managing their vulnerabilities and securing their external networks. Know more > https://outpost24.com/external-network-security
Action1 includes a free patch management tool, which is controlled from the cloud. Action1 performs real-time discovery of all installed Windows updates and patches on all corporate workstations and provides basic patch management capabilities, such as an option to deploy patches on selected systems, install Windows updates and more.