Compare and Evaluate

Vulnerability Management

Vulnerability management is the non-invasive, regular scanning and reporting of a network (and its nodes) to identify vulnerabilities. Vulnerability management software provides solutions to mitigate a discovered vulnerability.​

Data Quadrant report cover

The Data Quadrant is a thorough evaluation and ranking of all software in an individual category to compare platforms across multiple dimensions.

These include:

  • User Satisfaction Rankings
  • Business Value Scores
  • Vendor Capability Comparisons
  • Product Feature Evaluations
Emotional Footprint report cover

The Emotional Footprint is a powerful indicator of overall user sentiment toward the relationship with the vendor, capturing data across five dimensions.

These include:

  • Strategy and Innovation
  • Service Experience
  • Conflict Resolution
  • Product Impact
  • Negotiation and Contract

Still need assistance?

We're here to help you with understanding our reports and the data inside to help you make decisions.

Powered by Info-Tech Research Group
Powered by Info-Tech Research Group

Latest Award: June 2020

Latest Award Icon

See the most recent winners of our SoftwareReviews Emotional Footprint Awards. View our Champions and compare top vendors using our free downloadable reports.

Latest Research

5
Aug

Author: Isaac Kinsella (Info-Tech) &
Jimmy Tom (Info-Tech)

Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.

Latest Research

23
Jul

Author: Isaac Kinsella (Info-Tech)

RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The main draw of the program is its holistic risk calculation across CVEs and CWEs.

Vulnerability Management Products

Filter by:

Data QuadrantReport

A thorough evaluation and ranking of all software to compare software across every dimension.

Data Quadrant Report report

Emotional FootprintReport

A detailed and unique report that captures a powerful indicator of overall user feeling toward the vendor and product.

Emotional Footprint Report report

Carson & SAINT

SAINT Security Suite

Fast and effective response to critical exposures is fundamental to risk management. SAINT provides instructional remediation tutorials, rules-based ticketing for response tracking, and automated workflows to auto-close of tickets once remediation has been validated.

8.5

Composite Score

8.6

CX Score

+90

Emotional Footprint

90%

Likeliness to Recommend

24

Reviews

Badge Winner

Alert Logic

Alert Logic Vulnerability Scanning & Assessment

Reduce your attack surface by finding vulnerabilities before your adversaries do with Alert Logic Essentials, Alert Logic Professional, and Alert Logic Enterprise

8.2

Composite Score

8.2

CX Score

+84

Emotional Footprint

83%

Likeliness to Recommend

19

Reviews

Qualys

Qualys VMDR

The Digital Transformation is bringing new opportunities to your company—but also exposing it to new security risks. There’s new vulnerabilities, new regulations, new tools appearing all the time. The Qualys Cloud Platform can guide your company through all of it.

8.2

Composite Score

8.5

CX Score

+88

Emotional Footprint

82%

Likeliness to Recommend

22

Reviews

Badge Winner

Rapid7

Rapid7 insightVM

insightVM Continuously identifies and assesses risks across your cloud, virtual, remote, local, and containerized infrastructure.

8.2

Composite Score

8.7

CX Score

+90

Emotional Footprint

79%

Likeliness to Recommend

43

Reviews

Badge Winner

Kenna Security Inc.

Kenna.VM

Kenna.VM combines real-world threat and exploit intelligence and advanced data science to determine which vulnerabilities pose the highest risk and which you can deprioritize.

8.1

Composite Score

8.6

CX Score

+93

Emotional Footprint

77%

Likeliness to Recommend

10

Reviews

Trustwave Holdings, Inc.

DbProtect

A highly scalable database security platform that enables organizations to secure their relational databases and big data stores, both on premises and in the cloud, with a distributed architecture and enterprise-level analytics.

8.1

Composite Score

8.4

CX Score

+90

Emotional Footprint

80%

Likeliness to Recommend

37

Reviews

Beyond Security

beSecure (AVDS)

beSecure is a flexible, accurate, low maintenance Vulnerability Assessment and Management solution that delivers solid security improvements

8.0

Composite Score

8.3

CX Score

+86

Emotional Footprint

79%

Likeliness to Recommend

20

Reviews

Tripwire, Inc.

Tripwire IP360

Tripwire provides an enterprise-class vulnerability management solution that accurately prioritizes risk so you can take action on your most exposed assets.

7.8

Composite Score

7.8

CX Score

+74

Emotional Footprint

77%

Likeliness to Recommend

26

Reviews

F-Secure Corporation

F-Secure Radar

F-Secure Radar is a turnkey vulnerability scanning and management platform. It allows you to identify and manage both internal and external threats, report risks, and be compliant with current and future regulations (such as PCI and GDPR compliance). It gives you visibility into shadow IT - to map your full attack surface and respond to critical vulnerabilities associated with cyber threats.

9.3

Composite Score

9.5

CX Score

+100

Emotional Footprint

89%

Likeliness to Recommend

5

Reviews

Centraleyezer

Centraleyezer

Centraleyezer allows tracking of manual penetration tests vulnerabilities into an unified view, consolidates and aggregates Dynamic (DAST) vulnerability scans, automates Vulnerability escalation process to responsible persons, single Sign-On Active Directory integration.

8.4

Composite Score

8.9

CX Score

+93

Emotional Footprint

88%

Likeliness to Recommend

8

Reviews

OpenVAS

Open Vulnerability Assessment System​

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of Greenbone Networks' commercial vulnerability management solution from which developments are contributed to the Open Source community since 2009.

6.9

Composite Score

7.1

CX Score

+65

Emotional Footprint

76%

Likeliness to Recommend

7

Reviews

Tenable Inc

Tenable.ot

IT and OT infrastructures are rapidly converging. The days of air-gapped systems are gone. Industrial and critical infrastructure organizations are adopting IoT devices at an unprecedented rate.

6.6

Composite Score

7.1

CX Score

+73

Emotional Footprint

51%

Likeliness to Recommend

8

Reviews

GFI Software

GFI LanGuard

GFI LanGuard allows you to scan, detect, assess and rectify security vulnerabilities in your network and connected devices. Providing a complete picture of your network and helping maintain security with minimal effort.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Probely

Probley

Probely scans your Web Applications and APIs to find vulnerabilities or security issues, and provides guidance on how to fix them, having Developers in mind. Probely not only features a sleek and intuitive interface, but also follows an API-First development approach, providing all features through an API. This allows Probely to be integrated into Continuous Integration pipelines in order to automate security testing.

--

Composite Score

--

CX Score

+73

Emotional Footprint

56%

Likeliness to Recommend

1

Reviews

NopSec Inc

Unified VRM

Unified VRM consolidates and prioritizes risks, putting an end to vulnerability fatigue. Integration with industry standard ticketing and patching systems dramatically reduces the time necessary to fix critical vulnerabilities.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Vicarius LTD

TOPIA

With hundreds of new software and OS vulnerabilities detected each month, reducing organizational security risk can become overwhelming. TOPIA's vulnerability assessment toolbox provides a quick and efficient way to analyze, prioritize, and remediate cyber threats before they're exploited with or without a security patch.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Tenable Inc

Tenable.io

Tenable.io® provides the actionable and accurate data you need to identify, investigate, and prioritize the remediation of vulnerabilities and misconfigurations in your modern IT environment.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Tenable Inc

Tenable.sc

With Tenable.sc (formerly SecurityCenter) you get a real-time, continuous assessment of your security posture so you can find and fix vulnerabilities faster.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

SecPod

SanerNow

SanerNow is an all-in-one endpoint security and management platform that orchestrates and automates cyber hygiene across enterprise endpoints. With the industry’s fastest capabilities, smart light-weight agent, and a centralized cloud-based console, SanerNow will help you continuously monitor and secure your endpoints from emerging cyber-attacks.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Flexera

Flexera Vulnerability Manager

Flexera helps you create effective software vulnerability management and security patch management processes that reduce security risk by enabling prioritization and optimization of processes for managing software vulnerabilities to mitigate exposures, before the likelihood of exploitation increases.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Denim Group Ltd

ThreadFix

ThreadFix provides a comprehensive view of your risk from applications and their supporting infrastructure. From Application Security Managers to CISOs, ThreadFix helps increase efficiency across teams and provides powerful reporting to upper management.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

Digital Defense Inc

Frontline Vulnerability Manager

Frontline VM, a Frontline.Cloud system, is a comprehensive, accurate, and easy-to-use vulnerability management application. Using our proprietary scanning technology, Frontline VM performs comprehensive security assessments and helps prioritize and track the results, making remediation more efficient and effective.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

BreachLock Inc.

BreachLock Cloud Platform

The BreachLock Cloud Platform provides comprehensive, continuous penetration testing and vulnerability scanning with actionable results for your public cloud, applications, or networks.

--

Composite Score

--

CX Score

--

Emotional Footprint

--

Likeliness to Recommend

0

Reviews

All Research

Latest Research

5
Aug

Author: Isaac Kinsella (Info-Tech) &
Jimmy Tom (Info-Tech)

Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.

Latest Research

23
Jul

Author: Isaac Kinsella (Info-Tech)

RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The main draw of the program is its holistic risk calculation across CVEs and CWEs.

Latest Research

20
Jul

Author: Isaac Kinsella (Info-Tech)

Cyberthreats are omnipresent for any enterprise. Monitoring ingress and egress points while still conducting business is a balance security professionals attempt to strike. Couple this with the continued security issues around remote work during the pandemic, and security teams have their hands full.

Latest Research

15
Jul

Author: Isaac Kinsella (Info-Tech)

On May 26, Kenna Security released its new Prioritization to Prediction Benchmark Survey. This free tool provides organizations with the ability to compare their vulnerability management programs to industry averages Kenna Security has compiled over the years.

Latest Research

10
Jul

Author: Isaac Kinsella (Info-Tech)

COVID-19 has changed a great deal about how businesses operate. From a security perspective, however, COVID-19 caught many businesses off guard. The shift from working in the office to working from home has made it difficult for security measures to keep pace. Specifically, how are businesses meant to maintain the same secure networks when their employees are no longer working in the office? Outside of the security of the IT departments, IT and security have a tough time ensuring that patching and vulnerability management remain at the forefront of a business’s priorities.

Latest Research

19
Jun

Author: Jimmy Tom (Info-Tech)

Google has identified “unsafe” code in the Chromium web browser engine. This flaw introduces a potential vulnerability that effects Google Chrome, as well as all Chromium-based web browsers.

Latest Research

1
Jun

Author: Fred Chagnon (Info-Tech)

More than ever, cybersecurity solutions are core to any MSPs offering. No longer should technology service providers be farming this out to dedicated security providers. Trust and peace of mind are the core tenets of what they are selling and solutions like Acronis Cyber Protect Cloud can provide the platform upon which to deliver on those promises.

Latest Research

27
May

Author: Isaac Kinsella (Info-Tech)

Kenna Security deployed their new data driven vulnerability management program, Kenna.VM and accessory program, Kenna.VI. Released on April 28th, Kenna.VM was created with the purpose to set service-level agreements (SLAs) with risk tolerance in mind.

Latest Research

11
May

Author: Isaac Kinsella (Info-Tech)

We often hear that businesses are continually cyber insecure or under attack. However, recent penetration testing from Rapid7 shows that businesses are getting better at securing their networks against cyberattacks. While organizations continue to have exploitable weaknesses, attackers are having greater difficulty penetrating deeper into businesses’ networks.

Latest Research

30
Apr

Author: Isaac Kinsella (Info-Tech)

Four zero-day vulnerabilities were discovered in IBM’s Data Risk Manager. While the vulnerabilities are concerning, more so is IBM’s response when addressed. The company simply stated, “It’s out of scope.” – meaning it had no intention to rectify or address the issue.

Latest Research

30
Apr

Author: Isaac Kinsella (Info-Tech)

The Internet of Things is increasingly embedded with our daily lives. While these devices make life more accessible, for every new device, a new attack vector for cyberattackers is created.

Latest Research

23
Apr

Author: Isaac Kinsella (Info-Tech)

Qualys VMDR has hit the live market. Originally unveiled in February 2020 at Qualys Security Conference, VMDR is now publicly available as of April 16, 2020. Partnering with both large and small MSSPs, VMDR is designed to be scalable to any business enterprise and to automate the entire management cycle on all endpoints.

Latest Research

13
Apr

Author: Jimmy Tom (Info-Tech)

Market researcher ResearchandMarkets.com has published its market outlook for vulnerability management tools.

Latest Research

7
Apr

Author: Jimmy Tom (Info-Tech)

A vulnerability has been discovered in Apple iOS and iPadOS where VPN (virtual private networking) can be bypassed, thereby not securing all traffic within the secure VPN tunnel.

Latest Research

29
Mar

Author: Jimmy Tom (Info-Tech)

SC Media had its recent 2020 SC Awards Honored in the U.S. event and has awarded Qualys recognition for Best Vulnerability Management Solution in the “Trust Awards” category.

Latest Research

24
Mar

Author: Jimmy Tom (Info-Tech)

Qualys announced its new flagship product, Qualys VMDR, at RSA Conference 2020. According to the Qualys website, VMDR will be available after March 30, 2020.

Latest Research

17
Mar

Author: Jimmy Tom (Info-Tech)

There is a vulnerability at the layer 2 Wi-Fi encryption level called Kr00k (formally CVE-2019-15126 in the NIST National Vulnerability Database) affecting Broadcom and Cypress Semiconductor Wi-Fi devices.

Latest Research

17
Mar

Author: Isaac Kinsella (Info-Tech)

Microsoft’s end-of-life support for Windows 7 has run into its first set of issues with its extended security updates (ESUs). Administrators who paid for the ESU found out their downloads are not applying.

Latest Research

17
Mar

Author: Isaac Kinsella (Info-Tech)

Qualys’ newest product, VMDR (Vulnerability Management, Detection, and Response), will be available in March and will provide an all-in-one cloud-based solution for vulnerability management. VMDR will automate the entire management cycle on all endpoints.

Latest Research

16
Mar

Author: Isaac Kinsella (Info-Tech)

Microsoft has added its Windows 10 Tamper Protection controls to the public version of Microsoft Defender. Previously available only to enterprise users, Tamper Protection is intended to better detect threats that make it past other defences and to provide remediation suggestions.

Latest Research

11
Mar

Author: Isaac Kinsella (Info-Tech)

Qualys Research Labs, a vulnerability management provider, discovered a vulnerability in the OpenSMTPD Mail server used in conjunction with the OpenBSD operating system. This flaw allows for an attacker to execute arbitrary code with command privileges.

Latest Research

3
Mar

Author: Isaac Kinsella (Info-Tech)

A leaked UN report showed that servers were compromised during a cyberattack that exploited an older version of Microsoft SharePoint. This breach is a case study in the importance of both patch management and transparency.

Latest Research

24
Feb

Author: Isaac Kinsella (Info-Tech)

Reported by Microsoft on January 17, the company admitted to another vulnerability in the older versions of its Windows products. A vulnerability in the remote code execution (RCE) was found in the scripting engine of Internet Explorer (IE).

Latest Research

24
Feb

Author: Isaac Kinsella (Info-Tech)

Last fall, Microsoft announced that it would be ending support for Windows 7 on January 14, 2020.

Latest Research

4
Feb

Author: Isaac Kinsella (Info-Tech)

A Citrix vulnerability first discovered on December 17, 2019 is being continually exploited by ransomware attackers despite patching attempts by Citrix.

Latest Research

4
Feb

Author: Isaac Kinsella (Info-Tech)

Project Zero is changing its vulnerability disclosure policy to give software developers more time to patch vulnerabilities. The policy is now shifted to a stringent 90-day policy.

Latest Research

30
Jan

Author: Isaac Kinsella (Info-Tech)

On January 15, 2020, the Department of Defense (DoD) issued an open call to vendors to fulfill a contract to help improve their technology and inventory management.

Load More