Vulnerability Management

Vulnerability management is the non-invasive, regular scanning and reporting of a network (and its nodes) to identify vulnerabilities. Vulnerability management software provides solutions to mitigate a discovered vulnerability.

The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

These include:

  • User Satisfaction Rankings
  • Business Value Scores
  • Vendor Capability Comparisons
  • Product Feature Evaluations

The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

These include:

  • Strategy and Innovation
  • Service Experience
  • Conflict Resolution
  • Product Impact
  • Negotiation and Contract


Powered by Info-Tech Research Group


Vulnerability Management Products


Data Quadrant Report

A thorough evaluation and ranking of all software to compare software across every dimension.


Emotional Footprint Report

A detailed and unique report that captures a powerful indicator of overall user feeling toward the vendor and product.

Data Quadrant Awards 2019 badge

Rapid7

Rapid7 insightVM

insightVM continuously identifies and assesses risks across your cloud, virtual, remote, local, and containerized infrastructure.

Composite Score: 8.3
CX Score: 8.9
Emotional Footprint: +93
Likeliness to Recommend: 81%
Reviews: 41

Data Quadrant Awards 2019 badge

Beyond Security

Beyond Security beSecure (AVDS)

beSecure is a flexible, accurate, low-maintenance Vulnerability Assessment and Management solution that delivers solid security improvements.

Composite Score: 8.2
CX Score: 8.5
Emotional Footprint: +88
Likeliness to Recommend: 80%
Reviews: 19

Qualys

Qualys

The Digital Transformation is bringing new opportunities to your company—but also exposing it to new security risks. There are new vulnerabilities, new regulations, and new tools appearing all the time. The Qualys Cloud Platform can guide your company through all of it.

Composite Score: 8.2
CX Score: 8.4
Emotional Footprint: +86
Likeliness to Recommend: 84%
Reviews: 19

Data Quadrant Awards 2019 badge

Tenable Network Security

Tenable

Tenable provides the most accurate information about all your assets and vulnerabilities in your ever-changing IT environment.

Composite Score: 8.2
CX Score: 8.3
Emotional Footprint: +83
Likeliness to Recommend: 84%
Reviews: 17

Alert Logic

Alert Logic Vulnerability Scanning & Assessment

Reduce your attack surface by finding vulnerabilities before your adversaries do with Alert Logic Essentials, Alert Logic Professional, and Alert Logic Enterprise.

Composite Score: 8.1
CX Score: 8.0
Emotional Footprint: +82
Likeliness to Recommend: 82%
Reviews: 17

Trustwave

Trustwave DBProtect VM

Trustwave Vulnerability Scanning and Management services provide complete visibility into network vulnerabilities from outside and inside the corporate firewall, and include centralized, visual management capabilities.

Composite Score: 8.1
CX Score: 8.5
Emotional Footprint: +90
Likeliness to Recommend: 80%
Reviews: 37

Tripwire

Tripwire IP360

Tripwire provides an enterprise-class vulnerability management solution that accurately prioritizes risk so you can take action on your most exposed assets.

Composite Score: 7.7
CX Score: 7.7
Emotional Footprint: +74
Likeliness to Recommend: 76%
Reviews: 26

Centraleyezer

Centraleyezer

Centraleyezer tracks vulnerabilities from manual penetration tests in a unified view, consolidates and aggregates dynamic (DAST) vulnerability scans, automates the vulnerability escalation process to responsible persons, and offers single sign-on Active Directory integration.

Composite Score: 8.5
CX Score: 8.9
Emotional Footprint: +94
Likeliness to Recommend: 88%
Reviews: 8

SAINT

SAINT Vulnerability Assessments

Fast and effective response to critical exposures is fundamental to risk management. SAINT provides instructional remediation tutorials, rules-based ticketing for response tracking, and automated workflows to auto-close tickets once remediation has been validated.

Composite Score: 8.0
CX Score: 8.3
Emotional Footprint: +82
Likeliness to Recommend: 84%
Reviews: 5

OpenVAS

Open Vulnerability Assessment System

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of Greenbone Networks' commercial vulnerability management solution, from which developments have been contributed to the open source community since 2009.

Composite Score: 6.8
CX Score: 6.6
Emotional Footprint: +58
Likeliness to Recommend: 78%
Reviews: 5

Bay Dynamics

Risk Fabric

Risk Fabric® is a cyber risk analytics platform that calculates the value at risk associated with specific threats and vulnerabilities, and prescribes actions to measurably reduce cyber risk exposure. Using patented contextual data models and user and entity behavioral analytics (UEBA) technologies, stakeholders across the business can now have common metrics that prioritize remediation activities toward the risks that matter most.

Composite Score: --
CX Score: 6.7
Emotional Footprint: +81
Likeliness to Recommend: 83%
Reviews: 4

Probe.ly

Web Application Vulnerability Scanner

When it comes to web security, Probe.ly is your family doctor. It scans for vulnerabilities, gives you a report of the findings, and provides you with solutions on how to fix them.

Composite Score: --
CX Score: --
Emotional Footprint: +73
Likeliness to Recommend: 56%
Reviews: 1

All Research

Qualys Announces New Flagship Product, Qualys VMDR
March 24, 2020

Qualys announced its new flagship product, Qualys VMDR, at RSA Conference 2020. According to the Qualys website, VMDR will be available after March 30, 2020.

Author: Jimmy Tom (Info-Tech)

Kr00k Wi-Fi Vulnerability Leads to Widespread Concerns
March 17, 2020

There is a vulnerability at the layer 2 Wi-Fi encryption level called Kr00k (formally CVE-2019-15126 in the NIST National Vulnerability Database) affecting Broadcom and Cypress Semiconductor Wi-Fi devices.

Author: Jimmy Tom (Info-Tech)

Windows 7 End-of-Life Troubles Continue: ESUs Don’t Apply to Enterprises That Purchased Licences
March 17, 2020

Microsoft’s end-of-life support for Windows 7 has run into its first set of issues with its extended security updates (ESUs). Administrators who paid for the ESU found out their downloads are not applying.

Author: Isaac Kinsella (Info-Tech)

Qualys Unveils Its New Vulnerability Management, Detection, and Response Matrix
March 17, 2020

Qualys’ newest product, VMDR (Vulnerability Management, Detection, and Response), will be available in March and will provide an all-in-one cloud-based solution for vulnerability management. VMDR will automate the entire management cycle on all endpoints.

Author: Isaac Kinsella (Info-Tech)

Microsoft Unveils Tamper Support for Windows 10 Defender Advanced Threat Protection
March 16, 2020

Microsoft has added its Windows 10 Tamper Protection controls to the public version of Microsoft Defender. Previously available only to enterprise users, Tamper Protection is intended to better detect threats that make it past other defences and to provide remediation suggestions.

Author: Isaac Kinsella (Info-Tech)

United Nations Faces Cyber-Espionage; Failure to Patch Causes Breach
March 03, 2020

A leaked UN report showed that servers were compromised during a cyberattack that exploited an older version of Microsoft SharePoint. This breach is a case study in the importance of both patch management and transparency.

Author: Isaac Kinsella (Info-Tech)

Microsoft Troubles Continue; Zero-Day Vulnerability Places Windows Users at Risk
February 24, 2020

On January 17, Microsoft admitted to another vulnerability in the older versions of its Windows products. A remote code execution (RCE) vulnerability was found in the scripting engine of Internet Explorer (IE).

Author: Isaac Kinsella (Info-Tech)

Windows 7 Reaches End of Life; Are You About to Pay the Price?
February 24, 2020

Last fall, Microsoft announced that it would be ending support for Windows 7 on January 14, 2020.

Author: Isaac Kinsella (Info-Tech)

Citrix Systems Remain Vulnerable Despite Patching Attempts
February 04, 2020

A Citrix vulnerability first discovered on December 17, 2019 is being continually exploited by ransomware attackers despite patching attempts by Citrix.

Author: Isaac Kinsella (Info-Tech)

Project Zero Extends Its Vulnerability Disclosure Agreement to 90 Days, Changes to Follow
February 04, 2020

Project Zero is changing its vulnerability disclosure policy to give software developers more time to patch vulnerabilities. It has now shifted to a stringent 90-day policy.

Author: Isaac Kinsella (Info-Tech)

Bishop Fox Discovers Eight Vulnerabilities in ConnectWise: Patching a Managed Service Provider
January 30, 2020

Cybersecurity firm Bishop Fox identified eight vulnerabilities in ConnectWise’s remote control and remote access software.

Author: Isaac Kinsella (Info-Tech)

Tenable Chosen as the Successor for BeyondTrust’s Vulnerability Management Suite; BeyondTrust Steps Aside
January 30, 2020

On December 31, 2019, BeyondTrust announced Tenable as the successor to its Vulnerability Management suite.

Author: Isaac Kinsella (Info-Tech)

Department of Defense Seeks Improved Patch Management Tech: Why You Should Care
January 30, 2020

On January 15, 2020, the Department of Defense (DoD) issued an open call to vendors to fulfill a contract to help improve its technology and inventory management.

Author: Isaac Kinsella (Info-Tech)

Windows 10 Security Flaw Discovered; Millions of Devices at Risk
January 28, 2020

On January 14, Microsoft issued a statement acknowledging a crucial security flaw within its Windows 10 operating systems: a failure in the Windows 10 CryptoAPI service that affects both Windows 10 and Windows Server Update systems.

Author: Isaac Kinsella (Info-Tech)

Puppet Rolls Out Remediate
August 22, 2019

Puppet has rolled out Remediate. This release aligns with the ongoing consolidation between IT Operations and IT Security.

Author: Derek Shank (Info-Tech)

Tripwire’s Managed Services Now Include Vulnerability Management
July 04, 2019

Tripwire’s vulnerability management solution is now offered as-a-Service, as part of its managed Security-as-a-Service offering, ExpertOps.

Author: Filipe De Souza (Info-Tech)

Tenable Launches Free Tool to Educate New Cybersecurity Professionals
July 04, 2019

Nessus Essentials is the latest tool launched by Tenable, but instead of selling to the enterprise, it is targeting individuals who want to learn more about security.

Qualys Discovers Critical Flaw With OpenBSD Mail Server, Multiple Programs Vulnerable

Qualys Research Labs, a vulnerability management provider, discovered a vulnerability in the OpenSMTPD mail server used in conjunction with the OpenBSD operating system. This flaw allows an attacker to execute arbitrary code with command privileges.

Author: Isaac Kinsella (Info-Tech)
