ManageEngine Vulnerability Manager Plus

Score8.9 out of 10

7 Reviews and Ratings

What is ManageEngine Vulnerability Manager Plus?

Vulnerability Manager Plus is an on-premise cybersecurity solution that enables IT administrators and security teams with an integrated console to perform vulnerability assessment, security configuration management, patch management, web server hardening, high-risk software audit, and port audit.

According to the vendor, it allows users to continuously monitor a network for vulnerabilities and misconfigurations, perform audits of end-of-life software, firewall state, and antivirus state. Users can deploy remedies to vulnerabilities and misconfigurations from the console, and tackle security loopholes such as passwords, legacy protocols, open shares, and expired SSL. The built-in patching lets users customize and automate the entire cycle of patching for Windows, Mac, Linux, and over 350+ 3rd party applications.

Vulnerability Manager Plus comes with "glance-and-know" dashboards that offer visibility into endpoint vulnerability, security configuration, and patch status with context.

Vulnerability Manager Plus offers a library of executive reports, granular report templates, and customizable query reports that are available in different formats, including PDF, CSV, and XLSX. Users can either generate reports on-demand or schedule them to be sent directly to concerned personnel.

Pricing starts at $695/year for 100 computers.

Categories & Use Cases

Vulnerability Management

Media

Screenshot of Vulnerabilities detailed view

Screenshot of Security configuration overview

Screenshot of Individual system overview

Screenshot of Vulnerability management dashboard

1 / 5

Screenshot of Vulnerabilities detailed view

Configuration Monitoring
Constant monitoring of a network set up to identify vulnerabilities as they occur within the network or tech stack on the network.
Category average: 8.4
Vulnerability Classification
Prioritizing vulnerabilities, to determine which vulnerabilities are most urgent and require a quicker resolution.
Category average: 8.8
Vulnerability Intelligence
Software that is able to label and store information about vulnerabilities to access for future use cases.
Category average: 8.3

Threat Analysis
Analyzing known factors such as behavior patterns, affected areas, and other specific features to more easily identify a threat.
Category average: 7.8
Threat Intelligence Reporting
Generates reports that display information on threats (such as name, type, frequency of attack, area affected, etc.)
Category average: 7.5
Network Analytics
Analyzes various data reports and logs (DNS, firewall, user data, security information etc.) to identify threats in a network.
Category average: 7.3

Gregory Caporale, CISSP View profile

CISO in Information Technology at Cramer Rosenthal McGlynn, LLC (11-50 employees employees)

Use Cases and Deployment Scope

We use ManageEngine Vulnerability Manager Plus to perform weekly vulnerability scans and identify the computers on our network that need to be upgraded or patched. We deploy all our software updates through ManageEngine Vulnerability Manager Plus and we have set up the product to perform updates to a test group first and then once some time has passed we roll out the updates to the entire network.

Pros

It excels in automating the patch management process, including testing and deployment for Windows, macOS, and Linux.
When new vulnerabilities are disclosed, ManageEngine Vulnerability Manager Plus provides immediate, actionable insights to detect affected systems and offers emergency, pre-built patches to mitigate risks instantly.
It identifies and helps remove unauthorized or risky software
It scans and hardens systems by detecting and fixing misconfigurations

Cons

The reporting could be better. Some of the canned reports that get generated are no longer useful. They are too noisy and do not provide succinct information.
The patch management process is a bit slow and at times it takes too long to push updates out to large numbers of computers.

Return on Investment

By automating the scanning, assessment, and patch management process, VMP has helped reduce the time to patch for us by 40%.
It has provided continuous visibility into device health and overall patch state. This has helped reduce the amount of time manually checking and updating.
By prioritizing the list of vulnerabilities the tool has helped our staff stay focused on the high-impact risks and ensure that critical assets are patched first.

Usability

Other Software Used

ManageEngine Log360, Sophos Managed Detection and Response, ManageEngine ServiceDesk Plus, ManageEngine DataSecurity Plus

Tiago Dima

Especialist in Information Technology at ATECH (201-500 employees employees)

Use Cases and Deployment Scope

Currently, ManageEngine Vulnerability Manager Plus helps me with Linux servers and keeps them up to date.

Pros

Patch detection
Patch application
History and inventory.

Cons

Improved patch applicability on Linux servers;
Better recognition of Linux devices. Currently, servers are viewed as desktops
Better support.

Return on Investment

It meets our expectations and those of the business.
I keep our environment under control, regarding the applicability of patches.
Reports and evidence for auditing.

Usability

Alternatives Considered

Satellite Deskworks

Other Software Used

Lansweeper, Atlassian Jira

Roberson Silva

Specialist Microsoft in Information Technology at Atech (501-1000 employees employees)

Use Cases and Deployment Scope

We currently use the Vulnerability solution to keep our servers up to date. Since its implementation, we have significantly reduced the time spent on overtime for applying updates, as well as decreased the number of vulnerabilities in our environment—many of which we didn’t even know existed. Today, I am particularly a big fan of this tool and have already recommended it to several colleagues in the field. Automation makes updates much faster and more reliable.

Pros

Automation during environment updates.
Savings on overtime hours for the analyst responsible for updates.
Server vulnerability analysis.

Cons

Better integration with third-party tools.
Licenses for budget-friendly customers

Return on Investment

Reduction of Microsoft System Center licensing costs
Reduction of overtime hours for updates outside regular working hours.

Usability

Alternatives Considered

ManageEngine ADAudit Plus

Other Software Used

ManageEngine ADAudit Plus

Verified User

Administrator (51-200 employees employees)

Use Cases and Deployment Scope

We are using ManageEngine Vulnerability Manager Plus for patch management, system security, and vulnerability management. However, I am facing an issue with BIOS updates, as I am unable to update the BIOS automatically using ManageEngine Vulnerability Manager Plus.
Is there any solution or workaround to resolve this issue? I would appreciate your guidance, as this tool is very useful for securing our organization’s systems.

Pros

Patch management
System encryption
System security
Automation

Cons

System automation update is good thing
All patches are approved and then update on system.
Segrigate patches severity based.

Return on Investment

No impact

ManageEngine Vulnerability Manager Plus

What is ManageEngine Vulnerability Manager Plus?

Categories & Use Cases

Media

Key Features

Top Performing Features

Configuration Monitoring

Vulnerability Classification

Vulnerability Intelligence

Areas for Improvement

Threat Analysis

Threat Intelligence Reporting

Network Analytics

Reviews

Use Cases and Deployment Scope

Pros

Cons

Return on Investment

Usability

Other Software Used

Use Cases and Deployment Scope

Pros

Cons

Return on Investment

Usability

Alternatives Considered

Other Software Used

Use Cases and Deployment Scope

Pros

Cons

Return on Investment

Usability

Alternatives Considered

Other Software Used

Use Cases and Deployment Scope

Pros

Cons

Return on Investment

Usability

Related Products