Best Vulnerability Scanner Software

Vulnerability scanners are tools that constantly monitor applications and networks to identify security vulnerabilities. They work by maintaining an up-to-date database of known vulnerabilities, and conduct scans to identify potential exploits. Vulnerability scanners are used by companies to test applications and networks against known vulnerabilities and to identify new vulnerabilities. The scanners typically produce analytical reports detailing the state of an application or network security and provide recommendations to remedy known issues. Some vulnerability scanners work in a similar manner to dynamic application security testing (DAST) tools, but scan tools instead of mimicking attacks or performing penetration tests.

To qualify for inclusion in the Vulnerability Scanner category, a product must:

  • Maintain a database of known vulnerabilities
  • Continuously scan applications for vulnerabilities
  • Produce reports analyzing known vulnerabilities and new exploits
G2 Crowd Grid® for Vulnerability Scanner
High Performers
Momentum Leaders
Momentum Score
Market Presence
Star Rating

Vulnerability Scanner reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

Compare Vulnerability Scanner Software
Results: 60
G2 Crowd takes pride in showing unbiased ratings on user satisfaction. G2 Crowd does not allow for paid placement in any of our ratings.
Results: 60
Filter Results
Filter by:
Sort by
Star Rating
Sort By:

    Detect security flaws in your website or web application and avoid being hacked. HTTPCS Security puts Machine Learning at the service of your cyber security to protect your site against hacking and data leaks.

    SecurityMetrics Perimeter Scan's regularly updated scan engine identifies external network vulnerabilities so you can keep your data safe. Vulnerability scanning identifies top risks such as misconfigured firewalls, malware hazards, remote access vulnerabilities, and can be used for cyber security or compliance mandates like PCI DSS and HIPAA.

    SOCVue Vulnerability Management is a service that helps reduce attack surface by proactively identifying vulnerabilities across IT environment, prioritizing them based on business impact and risk, and providing remediation guidance to save significant time and reducing operational costs.

    Vega is a free and open source web security scanner and web security testing platform to test the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.

    The Network Vulnerability Scanning Service uses a self-developed vulnerability scanner to perform comprehensive security vulnerability scanning on specified target systems. The service relies on a powerful vulnerability database and 100,000+ vulnerability detection scripts to drill down into various security vulnerabilities. All kinds of scanning items are strictly tested by security experts, and timely follow up on the newly exposed security vulnerabilities on the network to ensure the accuracy and timeliness of scanning.

    Wapiti allows you to audit the security of your websites or web applications. It performs "black-box" scans (it does not study the source code) of the web application by crawling the webpages of the deployed webapp, looking for scripts and forms where it can inject data.

    A lightweight plugin agent that protects against the known attack vectors found in 2013 and 2017 OWASP Top Ten, SANS Top 25, Other common exploits

    WhiteHat Sentinel Dynamic is a software-as-a-service platform for dynamic application security testing (DAST).

    Zerocopter enables you to confidently leverage the skills of the world's most knowledgable ethical hackers to secure your applications.