FEATURED: GFI LANguard Network Security Scanner Listing updated: September 25, 2008

GFI LANguard Network Security Scanner (N.S.S.) is a complete network vulnerability management solution that allows you to scan, detect, assess and remediate security vulnerabilities and provides patch management functionality.

This award-winning solution scans the entire network, performs over 15,000 vulnerability assessments and identifies possible security threats. The complete and thorough vulnerability assessment database includes standards such as OVAL (2,000+ checks) and SANS Top 20.

GFI LANguard also allows auto-downloads of missing patches as well as patch roll-back. Custom software can also be deployed. This results in a consistently configured environment that is secure against vulnerabilities. All this is achieved through a single console with extensive reporting functionality, effectively addressing the three pillars of vulnerability management: security scanning, patch management and network auditing.

GFI LANguard N.S.S. 8 is an essential, cost-effective solution for businesses to safeguard their systems and networks from hacker attacks and security breaches. A free 30-day trial version can be downloaded without registration!

• Company: GFI Software
• URL: www.gfi.com
• Email: info@gfi.com
• Screenshot: click here
• Price: $249 for 4 IPs

• Users' Rating: 4.41 [221 votes] - Vote
• Comments: 13 comments - View / Post

ManageEngine Security Manager Plus Listing updated: August 29, 2008

Security Manager Plus is a network security scanner that reports on network vulnerabilities and helps to remediate them and ensure compliance. With vulnerability scanning, open ports detection, patch management, Windows file/folder/registry change management and vulnerability reporting capabilities, Security Manager Plus protects the network from security threats and malicious attacks.

• Company: AdventNet, Inc.
• URL: www.adventnet.com
• Email: sales@adventnet.com

• Users' Rating: 4.6 [5 votes] - Vote
• Comments: 0 comments - Post

Enterprise Security Reporter Listing updated: January 23, 2008

The Enterprise Security Reporter platform features agent-less, fast, comprehensive discovery and reporting solutions for file security, group memberships, Active Directory, printers, file shares and other security settings on Windows and SharePoint servers. Enterprise Security Reporter is essential for administrators burdened with compliance reporting and security audits, automating reporting and simplifying analysis.

Enterprise Security Reporter provides a reporting and auditing solution for corporate data stored on a file share, or in a SharePoint site. Easily discover necessary security information, run reports, create custom reports and conduct ad-hoc queries across the entire organization.

• Company: ScriptLogic
• URL: www.scriptlogic.com
• Email: sales@scriptlogic.com

• Users' Rating: 3.9 [10 votes] - Vote
• Comments: 0 comments - Post

Nessus Security Scanner Listing updated: October 30, 2007

Traditional network security scanners tend to focus on the services listening on the network - and only on these. Now that viruses and worms are propagating thanks to flaws in mail clients or web browsers, this conception of security is getting outdated.
Nessus has the ability to detect the remote flaws of the hosts on your network, but their local flaws and missing patches as well - whether they are running Windows, Mac OS X or a Unix-like system. Each security test is written as an external plugin, written in NASL. This means that updating Nessus does not involve downloading untrusted binaries from the internet. The Nessus Security Scanner includes NASL, (Nessus Attack Scripting Language) a language designed to write security test easily and quickly. Nessus does not believe that the target hosts will respect the IANA assigned port numbers. This means that it will recognize a FTP server running on a non-standard port (ie: 31337), or a web server running on port 8080. If a host runs the same service twice or more, Nessus will test all of them. Nessus has the ability to test SSLized services such as https, smtps, imaps, and more. You can even supply Nessus with a certificate so that it can integrates into a PKI-fied environement. Nessus gives you the choice between performing a regular non-destructive security audit on a routine basis, or to throw everything you can at a remote host to see how will it withstands attacks from intruders.

• Company: Nessus
• URL: nessus.org
• Email: deraison@cvs.nessus.org

• Users' Rating: 4 [3 votes] - Vote
• Comments: 0 comments - Post

Retina Network Security Scanner Listing updated: October 30, 2007

Retina Network Security Scanner identifies known network security vulnerabilities and assists in prioritizing threats for remediation. Featuring accurate and non-intrusive scanning, users are able to secure their networks against vulnerabilities. Users can also leverage Retina for security risk assessment, project risk management and enforcing standards-based registry settings through custom policy audits.

• Company: eEye Digital Security
• URL: www.eeye.com
• Email: info@eeye.com
• Screenshot: click here
• Price: $1995+

• Users' Rating: 4.45 [38 votes] - Vote
• Comments: 2 comments - View / Post

NetIQ Vulnerability Manager Listing updated: July 25, 2006

NetIQ Vulnerability Manager ensures that you are identifying the latest system vulnerabilities and complying with corporate and regulatory policies to manage information security risk. NetIQ has teamed with TruSecure to provide you with information on vulnerabilities and exploits through our AutoSync capabilities in Vulnerability Manager. AutoSync provides a common pipe for publishing and delivering vulnerability knowledge as well as other security-related content including patch databases, regulation templates and even sample policy templates. AutoSync can be configured to pull new updates hourly, daily or in the middle of the night to ensure that your vulnerability scans aren't using stale knowledge. NetIQ provides checks to evaluate the most common security controls. Additionally, NetIQ Vulnerability Manager provides templates organized by regulations such as Sarbanes-Oxley, HIPAA, FERC and GLBA or by best practices such as SANS Top 20, Center for Internet Security, workstation hardening and other operating system baselines. Controls assessments can be run as-needed or scheduled to occur regularly to ensure on going policy compliance. Reports highlighting your most critical and most at-risk systems, provide summaries. NetIQ Vulnerability Manager has the power to identify missing patches on Windows, Unix and Linux platforms. Moreover, NetIQ Vulnerability Manager assists patch management efforts on Windows workstations and servers by assessing automatic update settings and identifying patch installation failures and other events related to patch deployments.

• Company: NetIQ Corporation
• URL: www.netiq.com
• Email: info@netiq.com

• Users' Rating: 4 [22 votes] - Vote
• Comment: 1 comment - View / Post

ShadowSecurityScanner Listing updated: July 13, 2006

Shadow Security Scanner has been developed to provide a secure, prompt and reliable detection of a vast range of security system holes. After completing the system scan, Shadow Security Scanner analyses the data collected, locates vulnerabilities and possible errors in server tuning options, and suggests possible ways of problem solution. Shadow Security Scanner employs a system security analysis algorithm based on a patented "intellectual core".

• Company: Safety-Lab
• URL: www.safety-lab.com
• Email: edward@safety-lab.com
• Price: $299

• Users' Rating: 4.56 [36 votes] - Vote
• Comment: 1 comment - View / Post

Sandcat Scanner Listing updated: August 5, 2005

Sandcat Scanner provides a tool for security auditors and system administrators seeking to assess the security posture of an organization's web presence. Features such as SANS Top 20 scan, IDS test, and destructive/non-destructive scan are available from the user interface and as command line parameters, letting you work in the way you feel comfortable. Sandcat Scanner also scans for outdated server software. Sandcat Scanner user interface is similar to a web browser, and most users should be familiar with it

• Company: Syhunt Security
• URL: www.syhunt.com
• Email: contact@syhunt.com

• Users' Rating: 4 [6 votes] - Vote
• Comments: 0 comments - Post

SecurityEXPERT - Policy-Driven Vulnerability Management Listing updated: May 2, 2005

SecurityEXPERT brings recommendations together in a view where it is easy for the systems administrator to set a security policy without conflicts. Users can review the recommendations based on selected machine configurations and create settings policy based on those recommendations. While patching is important, best practices for System Vulnerability Management dictate creating a security policy, enforcing the policy and routinely auditing machines.

SecurityEXPERT uses a policy-based approach where security settings are presented in templates that encapsulate a variety of third party recommendations. You can review these recommendations and create your settings policies based on them. You can then audit, enforce and report on managed machines with respect to their assigned policies.

• Company: St. Bernard Software
• URL: www.stbernard.com
• Email: info@stbernard.com
• Screenshot: click here

• Users' Rating: no votes - Vote
• Comments: 0 comments - Post

Security Auditor's Research Assistant Listing updated: April 29, 2005

SARA is a network security scanner that discovers, analyzes, and reports on security vulnerabilities of network-based computers, server, routers,and firewalls. It performs over 1,000 tests on each network node that it discovers. It is built to support the large scale enterprise model that contains over 25,000 nodes. It is approved for operation in the SANS Top Ten and Top 20 environments.

• Company: Advanced Research Corporation
• URL: www-arc.com
• Email: info@arc.com

• Users' Rating: 3.5 [4 votes] - Vote
• Comments: 0 comments - Post