Vulnerability scanners are valuable tools that search for and report on what known vulnerabilities are present in an organization’s IT infrastructure. Using a vulnerability scanner is a simple, but critical security practice that every organization can benefit from. These scans can give an organization an idea of what security threats they may be facing by giving insights into potential security weaknesses present in their environment.
Many organizations use multiple vulnerability scanners to ensure they’re getting full coverage of every asset, creating a complete picture. Over the years, many different scanners have been developed, providing a lot of different options and features. So how do you know how which ones to choose? If you’re looking for vulnerability scanners for your IT infrastructure, here’s a list of ones favored by Core Security experts, in alphabetical order:
Acunetix is a web vulnerability scanner that features advanced crawling technology to find vulnerabilities to search every type of web page—even those that are password protected.
beSECURE is a self-service vulnerability scanner from Beyond Security that can be deployed on-premise, in the cloud, or in hybrid environments. This solution offers both network and web application scanning and has a vulnerability database that is updated daily.
3. Burp Suite
Burp Suite is a web vulnerability scanner that is frequently updated, and integrates with bug tracking systems like Jira for simple ticket generation.
4. GFI Languard
GFI Languard is a network and web application vulnerability scanner that can automatically deploy patches across multiple operating systems, third-party applications, and web browsers.
Nessus is one of the most popular vulnerability scanners, with over two million downloads across the globe. Additionally, Nessus provides comprehensive coverage, scanning for over 59,000 CVEs.
Nexpose by Rapid7 collects data in real-time in order to constantly provide a live view of an organization’s shifting network. Since the CVSS risk score scale is 1-10, this vulnerability scanner developed its own risk score scale of 1-1000 in order to provide more nuance. It takes factors like vulnerability age and public exploits/malware kits into account.
Nmap is an open source, free security scanner that is also used by organizations for network discovery, inventory, managing service upgrade schedules, and monitoring host or service uptime.
OpenVAS is an open source vulnerability scanner maintained by Greenbone Networks. The scanner also has a regularly updated community feed, which includes over 50,000 vulnerability tests.
10. Qualys Guard
Qualys Cloud Platform is a hub for Qualys’ IT, security, and compliance cloud apps. It features a robust a vulnerability scanner that helps centralize vulnerability management.
11. Qualys Web Application Scanner
Qualys Web Application Scanner is a cloud-based application that both finds official and “unofficial” apps throughout an environment, and also detects OWASP top ten risks, along with other web application vulnerabilities.
SAINT’s Security Suite is a holistic scanner that identifies all of the critical assets in an environment, creating asset tags and tracking them to provide faster remediation for the highest priority assets.
Teneble.sc and Teneble.io provide network and web vulnerability assessments using Nessus technology. They use Predictive Prioritization, which combines vulnerability data, threat intelligence and data science to create a detailed risk score.
14. Tripwire IP360
Tripwire IP360 is a scalable vulnerability scanner that can scan everything in an organization’s environment, including previously-undetected assets using both agentless and agent-based scans.
Vulnerability Scanner Integration with Core Impact
Vulnerability assessments can be greatly enhanced through pen testing. Scanners can uncover thousands of vulnerabilities, and many prioritize remediation based on a vulnerability’s CVSS rating. However, these scores don’t account for an organization’s particular set up.
A vulnerability may only have a moderate risk score, but if it can be used as a pivot point to reach other vulnerabilities or resources, it could have significant consequences on the organization. So a “moderate” vulnerability may be just as, if not more dangerous than one rated as “severe.” Pen tests add vital context by seeing which vulnerabilities can actually be leveraged to gain access within your environment.
Core Impact, Core Security’s comprehensive penetration testing tool, can import data from all of the scanners mentioned above. Once imported, Core Impact can run a pen test to see if any of these vulnerabilities can be successfully exploited. By validating these vulnerabilities, you’ll know the true risk they pose, and can prioritize which remediation measures should be taken.