These products won a Top Rated award for having excellent customer satisfaction ratings. The list is based purely on reviews; there is no paid placement, and analyst opinions do not influence the rankings. Read more about the Top Rated criteria.
TrustMaps are two-dimensional charts that compare products based on trScore and research frequency by prospective buyers. Products must have 10 or more ratings to appear on this TrustMap.
(1-25 of 123) Sorted by Most Reviews
The list of products below is based purely on reviews (sorted from most to least). There is no paid placement and analyst opinions do not influence their rankings. Here is our Promise to Buyers to ensure information on our site is reliable, useful, and worthy of your trust.
CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment…
Symantec Client Management Suite is designed to automate time-consuming and redundant tasks for deploying, managing, patching, and securing desktops and laptops so organizations can reduce the cost and effort of managing Windows, Mac, Linux, and virtual desktop environments.
McAfee ePolicy Orchestrator (McAfee ePO) software centralizes and streamlines management of endpoint, network, data security, and compliance solutions.
OSSIM leverages the power of the AlienVault Open Threat Exchange by allowing users to both contribute and receive real-time information about malicious hosts. AlienVault OSSIM is an open source Security Information and Event Management (SIEM) product. It is a unified platform providing:…
The Burp Suite, from UK-based alcohol-themed software company PortSwigger Web Security, is an application security and testing solution.
GitGuardian Internal Monitoring helps organizations detect and fix vulnerabilities in source code at every step of the software development lifecycle. With GitGuardian’s policy engine, security teams can monitor and enforce rules across their VCS, DevOps tools, and infrastructure-…
The Qualys Cloud Platform (formerly Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other…
vRealize Automation is an infrastructure automation platform that enables private and multi-cloud environments on VMware Cloud infrastructure.
InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM…
Tenable.sc (formerly SecurityCenter) from Tenable Network Security in Baltimore, presents a vulnerabiliy management option.
Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint…
HackerOne is a hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be exploited, from the company of the same name in San Francisco. The service is used for vulnerability location, pen testing, bug bounty, and vulnerability…
Tenable headquartered in Columbia offers Nessus, a vulnerability scanning and security assessment solution used to analyze an entity's security posture, vulnerability testing, and provide configuration assessments.
Vulnerability management specialist Tenable offers their cloud application and container security platform Tenable.io, a vulnerability management tool that emphasizes visibility of web applications, automatic scanning, and a unified view of cloud infrastructure and possible…
Lacework in San Jose delivers security and compliance for the cloud. The Lacework Cloud Security Platform is cloud-native and offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments,…
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of an AWS account. With CloudTrail, users can log, continuously monitor, and retain account activity related to actions across AWS infrastructure. CloudTrail provides event history…
Nipper discovers vulnerabilities in firewalls, switches and routers, automatically prioritizing risks to an organization. Its virtual modelling is designed to reduce false positives and identify exact fixes to help users stay secure and compliant.Audits: Firewalls | Switches | Routers…
Ivanti Security Controls is a vulnerability management solution, which replaces the former Heat Unified Endpoint Management & Security product, which in turn was formerly a Lumension supported product.
Tanium, headquartered in Emeryville, provides two solution packages: Unified Endpoint Management and Unified Endpoint Security. The vendor states this approach reduces complexity, improves efficiency and closes the gaps between operations and security. Tanium can also be delivered…
BeyondTrust offers vulnerability management via Network Security Scanner, powered by Retina. This technology was developed by eEye, before that company's acquisition by BeyondTrust in 2012.
AcuSensor from Maltese company Acunetix is application security and testing software.
Patch Manager Plus is an automated patch management software that provides enterprises with a single interface for all patch management tasks. The vendor claims it works across platforms, helping users patch Windows, Mac, Linux & 300+ third-party applications. With Automated…
Morphisec, headquartered in Boston, provides advanced security solutions for midsize to small enterprises around the globe. They aim to simplify security and can automatically block modern attacks from the endpoint to the cloud. Contrasted with security solutions that rely on human…
Vulnerability management tools scan enterprise networks for weaknesses that may be exploited by would-be intruders. Should the scan find a weakness, the vulnerability management tools suggest or initiate remediation action. In this way, vulnerability management tools reduce the potential impact of a network attack.
This approach to network security differs from firewalls, antivirus or antispyware software, and Intrusion Detection Systems (IDS). These security tools are designed to manage attacks on the network as they occur. In contrast, vulnerability management tools instead search for potential weaknesses and fix them in an attempt to mitigate potential future network attacks.
Vulnerability management tools initially assess the network using network and port scanners, IP scanners, etc. They then prioritize remediation so that the most significant issues are addressed first. The best practice is to allow vulnerability management tools to perform limited scans, and remediate weaknesses immediately to reduce the time to resolution. Conducting more extensive scans delays remediation while the scan completes and therefore leaves weaknesses found during the scan unattended until the scan is complete.
Remediation should happen quickly, and according to the vulnerability management tools’ prioritization schedule. Systematically eliminating network weaknesses reduces dependence on peripheral intrusion detection technologies. If a bad actor gains network access, attacks can be minimized by removing vulnerabilities intruders may encounter.
Some common features found within most vulnerability management tools include:
Keep in mind the following factors when comparing vulnerability management tools:
Vulnerability management tool vendors typically offer customized solutions, and therefore it is best to contact the vendor directly for exact price details. Some will offer yearly subscription costs which may range from $1000 to $5000per year. For more advanced features such as malware and IOA behavioral protection, higher pricing packages will be offered. Vendors typically offer free trials.
