Top 10 Vulnerability Scanners
A vulnerability scanner is a software program designed to find vulnerabilities in computer systems, networks and servers. Alongside manual security testing and code review, automated tools play their part in making vulnerability assessment efficient. There are many aspects to consider before using any tool, including but not limited to cost, features, reporting pattern or simply management. This article details the top vulnerability scanner tools that you might require in your security testing process.
Nessus
The Nessus vulnerability scanner provides patch, configuration, and compliance auditing; mobile, malware, and botnet discovery; sensitive data identification and many other features.
· Nessus and Nessus Perimeter Service™ subscriptions for commercial organizations and enterprises
· Nessus evaluations for commercial organizations
· Nessus Home for personal use in a non-commercial, home network
Operating System: Windows, Mac OS X, OpenBSD, FreeBSD, Solaris, and/or other UNIX variants
Price: Paid
OpenVAS
The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
The actual security scanner is accompanied by a daily updated feed of Network Vulnerability Tests (NVTs), over 33,000 in total (as of December 2013).
All OpenVAS products are Free Software. Most components are licensed under the GNU General Public License (GNU GPL).
Operating System: Linux, Windows and other operating systems.
Price: Free
Core Impact
As network security continues to harden, it's no surprise that cyber criminals have shifted their attack techniques to focus on applications and end users.
With the release of version 12.5, CORE Impact Pro takes vulnerability assessment and testing far beyond traditional exploitation -- allowing commercial and government organizations to actively and accurately test the security of their network and application infrastructure using the same Advanced Persistent Threat and password-based techniques employed by cyber attackers.
Operating System: Windows
Price: Paid
Nexpose
Nexpose, the vulnerability management software, proactively scans your environment for mis-configurations, vulnerabilities, and malware and provides guidance for mitigating risks. Experience the power of Nexpose vulnerability management solutions by knowing the security risk of your entire IT environment including networks, operating systems, web applications, databases, and virtualization.
· Exposing security threats including vulnerabilities, mis-configurations and malware.
· Prioritizing threats and getting specific remediation guidance for each issue.
· Integrating with Metasploit to validate security risk in your environment.
Operating System: Windows, Linux
Price: Paid
GFI LanGuard
Research consistently demonstrates that many of the vulnerabilities cybercriminals exploit can be prevented by applying updated software patches and by addressing misconfigured network gear and unauthorized devices on the network.
GFI LanGuard scans and detects network vulnerabilities before they are exposed, reducing the time required to patch machines on your network. GFI LanGuard patches Microsoft®, Mac® OS X®, Linux® and more than 50 third-party operating systems and applications, and deploys both security and non-security patches.
Operating System: Windows
Price: Paid
QualysGuard
QualysGuard Enterprise is an award-winning cloud security and compliance solution. It helps global businesses simplify IT security operations and lower the cost of compliance. It delivers critical security intelligence on demand and automates the full spectrum of auditing, compliance and protection for Internet perimeter systems, internal networks, and web applications.
Operating System: Windows
Price: Paid
MBSA
The Microsoft Baseline Security Analyzer provides a streamlined method to identify missing security updates and common security misconfigurations. MBSA 2.3 release adds support for Windows 8.1, Windows 8, Windows Server 2012 R2, and Windows Server 2012. Windows 2000 will no longer be supported with this release.
Operating System: Windows
Price: Freeware
Retina
With over 10,000 deployments since 1998, BeyondTrust Retina Network Security Scanner is the most sophisticated vulnerability assessment solution on the market. It is available as a standalone application or as part of the Retina CS unified vulnerability management platform.
Retina Security Scanner enables you to efficiently identify IT exposures and prioritize remediation enterprise-wide. Retina Network Security Scanner, the industry’s most mature and effective vulnerability scanning technology, identifies the vulnerabilities - missing patches, configuration weaknesses, and industry best practices - to protect an organization’s IT assets.
Operating System: Windows
Price: Paid
Secunia PSI
Don’t let one vulnerable PC open your corporate network up to cyber attacks. Combining private and corporate patch management provides a 360° overview of all vulnerability threats.
The Secunia Personal Software Inspector (PSI) is a free security tool designed to detect vulnerable and out-dated programs and plug-ins, which expose your PC to attacks. Once installed, the Secunia PSI can help you patch vulnerable programs and stay secure.
Operating System: Windows
Price: Freeware
Nipper
Nipper (short for Network Infrastructure Parser, previously known as Cisco Parse) audits the security of network devices such as switches, routers, and firewalls. It works by parsing and analyzing device configuration files, which the Nipper user must supply. This was an open source tool until its developer (Titania) released a commercial version and tried to hide their old GPL releases (including the GPLv2 version 0.10 source tarball).
Operating System: Windows, Apple Mac OS X, Linux
Price: Paid
Further reading: Top 125 Network Security Tools