A comprehensive list of scanning tools


Many organizations use multiple vulnerability scanners to ensure they’re getting full coverage of every asset, creating a complete picture. Over the years, many different scanners have been developed, providing a lot of different options and features. Here's a list of several, in alphabetical order:

1. Acunetix

Acunetix is a web vulnerability scanner that features advanced crawling technology to search every type of web page for vulnerabilities, even those that are password protected.

2. beSECURE

beSECURE is a self-service vulnerability scanner from Beyond Security that can be deployed on-premises, in the cloud, or in hybrid environments. This solution offers both network and web application scanning and has a vulnerability database that is updated daily. beSECURE focuses on efficiency and accuracy. Setup is simple, and users can get started in minutes with a practical interface and automation capabilities. Additionally, with patented technology, scans have near-zero false positives.

3. Burp Suite

Burp Suite is a web vulnerability scanner that is frequently updated, and integrates with bug tracking systems like Jira for simple ticket generation.

4. GFI LanGuard

GFI LanGuard is a network and web application vulnerability scanner that can automatically deploy patches across multiple operating systems, third-party applications, and web browsers.

5. Frontline

Frontline VM is a patented network vulnerability scanner that is a part of Frontline.Cloud, a cloud-native SaaS security platform from Digital Defense. This security platform also offers web application scanning as well as other vulnerability management and threat assessment technology. Frontline VM focuses on accurate and accessible risk assessment, with features like Frontline Security GPA, an informed metric that takes into account both the network security posture rating and the business risk associated with discovered vulnerabilities. Risk ratings are also tailored to each environment, based on the device’s criticality to the organization’s specific infrastructure.

6. Nessus

Nessus is one of the most popular vulnerability scanners, with over two million downloads across the globe. Additionally, Nessus provides comprehensive coverage, scanning for over 59,000 CVEs.

7. Nexpose

Nexpose by Rapid7 collects data in real-time in order to constantly provide a live view of an organization’s shifting network. Since the CVSS risk score scale is 1-10, this vulnerability scanner developed its own risk score scale of 1-1000 in order to provide more nuance. It takes factors like vulnerability age and public exploits/malware kits into account.

8. Nmap

Nmap is an open source, free security scanner that is also used by organizations for network discovery, inventory, managing service upgrade schedules, and monitoring host or service uptime.

9. OpenVAS

OpenVAS is an open source vulnerability scanner maintained by Greenbone Networks. The scanner also has a regularly updated community feed, which includes over 50,000 vulnerability tests.

10. Qualys Guard

Qualys Cloud Platform is a hub for Qualys’ IT, security, and compliance cloud apps. It features a robust vulnerability scanner that helps centralize vulnerability management.

11. Qualys Web Application Scanner

Qualys Web Application Scanner is a cloud-based application that finds both official and “unofficial” apps throughout an environment and also detects OWASP Top Ten risks, along with other web application vulnerabilities.

12. SAINT

SAINT’s Security Suite is a holistic scanner that identifies all of the critical assets in an environment, creating asset tags and tracking them to provide faster remediation for the highest priority assets.

13. Tenable

Tenable.sc and Tenable.io provide network and web vulnerability assessments using Nessus technology. They use Predictive Prioritization, which combines vulnerability data, threat intelligence and data science to create a detailed risk score.

14. Tripwire IP360

Tripwire IP360 is a scalable vulnerability scanner that can scan everything in an organization’s environment, including previously-undetected assets using both agentless and agent-based scans.

Conclusion

A vulnerability may only have a moderate risk score, but if it can be used as a pivot point to reach other vulnerabilities or resources, it could have significant consequences for the organization. So a “moderate” vulnerability may be just as dangerous as, if not more dangerous than, one rated as “severe.” Pen tests add vital context by seeing which vulnerabilities can actually be leveraged to gain access within your environment.


#senselearner
