GetApp offers free software discovery and selection resources for professionals like you. Our service is free because software vendors pay us when they generate web traffic and sales leads from GetApp users. Because we’re committed to help you find the right solution for your business needs, we list all software vendors on our website, and give them the opportunity to feature their solutions and collect user reviews. At GetApp, our comprehensive software listings, verified user reviews, software evaluation scorecards, product comparison pages and articles will empower you to make confident and well-informed purchase decisions.
Here's our list of apps for Vulnerability Management Software. Filters help you narrow down the results to find exactly what you’re looking for.
We provide a Software Security platform designed to bring you objective data so you can make informed decisions regarding the security risks faced by your applications. SAST and open source management of your entire portfolio.
Read more about Kiuwan
Nexus Lifecycle by Sonatype is an application security and dependency management solution designed to help organizations manage open-source governance and automatically find and fix vulnerabilities across the entire software development lifecycle (SDLC). The platform enables developers to monitor security standards in the development process and...
Read more about Nexus Lifecycle
Runecast Analyzer is a secure (on-premises), real-time issue analysis solution for VMware + AWS hybrid cloud, to automate security and audit compliance, identify and prioritize vulnerabilities, analyze logs for patterns, align with Best Practices, and simulate upgrades against the VMware HCL.
Read more about Runecast Analyzer
Traditional agent-based vulnerability management solutions are unfit for cloud. DevOps doesn't want to be bothered with deploying and maintaining agents on VMs, in containers, and in serverless configurations. Orca detects vulnerabilities, malware, misconfigurations, and more.
Read more about Orca Security
Efficiently Reduce Organizational Security Risk with TOPIA's leading vulnerability management platform that provides an efficient way to patch-less and get more.
TOPIA enables companies to analyze, prioritize, and act against software vulnerabilities with or without a security patch.
Read more about TOPIA
With Rencore, users can automate Microsoft 365 Governance, ranging from mid-level businesses to large enterprises worldwide while providing maximum flexiblity. Rencore integrates with Microsoft Teams, SharePoint, Azure, and Power Platform and is used for monitoring end-user acivity, governance planning, automated fixing and deviation discovery.
Read more about Rencore Governance
Crashtest Security is a vulnerability testing software that helps businesses perform automated scans to detect cybersecurity threats across applications. Managers can conduct single-page, multi-page, and documentation-based scans to identify attack vectors across several web applications.
Read more about Crashtest Security
Pentera is the category leader for Automated Security Validation, allowing organizations to stress-test with ease the integrity of all cybersecurity layers - including ransomware readiness - unfolding true, current security exposures at any moment, at any scale.
Read more about Pentera
FlexNet Code Insight is designed to help development, legal, and security teams handle open source software (OSS) through automated scans. It enables organizations to manage license compliance and security risks by identifying vulnerabilities during the entire application production lifecycle.
Read more about FlexNet Code Insight
Vulcan Cyber is a vulnerability management software that helps businesses of all sizes identify, prioritize, and remediate risks. Administrators can gain insights into actual risks across attack surfaces on a unified interface.
Read more about Vulcan Cyber
Malwarebytes is a network security software that enables businesses to identify and detect potential cyberthreats across networks or enterprise servers. The cloud-based Malwarebytes Nebula platform lets administrators gain visibility into threat patterns from the centralized dashboard.
Read more about Malwarebytes for Business
Nessus is a cloud-based vulnerability assessment solution designed to help security practitioners identity and resolve vulnerabilities to protect organizations against various security risks. It comes with pre-defined templates which can be customized by users to scan for critical vulnerabilities.
Read more about Nessus
Syxsense is an endpoint security software designed to help SecOps departments, managed service providers (MSPs), and IT professionals maintain threat prevention through authorization scanning, third-party patching, communication blocking from infected devices, and continuous collaboration.
Read more about Syxsense
Automox is a cloud-based cyber hygiene and patch management solution that helps enterprises streamline endpoint protection and minimize cyber threats across all devices. The centralized platform provides users with an overview of devices requiring patch approvals, system updates, or troubleshooting.
Read more about Automox
SiteGround is a cloud-based vulnerability management tool that helps businesses leverage AI technology to monitor and identify potential issues across servers. The application automatically prevents botnet attacks across all servers to prevent unauthorized access and secure other hosting resources.
Read more about SiteGround
Netsparker web application security scanning solution automatically identifies XSS, SQL Injection and other vulnerabilities in websites, web applications and web services and lets enterprise-class businesses automate and scale their web security program.
Read more about Invicti
Qualys Cloud Platform is designed to help businesses automate the security and monitoring of web applications and gain visibility into the utilization of IT assets. It enables IT professionals to detect threats related to unauthorized access across networks and conduct audits and IP scans.
Read more about Qualys Cloud Platform
DataDome Anti-bot Protection software is a cloud-based platform designed to help businesses identify and prevent bot attacks in real-time using in-memory pattern databases along with machine learning (ML) and artificial intelligence (AI) technologies.
Read more about DataDome
Falcon is a cloud-based endpoint protection platform designed to help enterprises detect, manage, and remediate threats in real-time to prevent data loss. Features include event recording, alerts, prioritization, credential management, and access control.
Read more about Falcon
AWS Config is a configuration and vulnerability management software that helps businesses manage continuous audits, operational troubleshooting, compliance monitoring, and more from within a unified platform. It allows staff members to automatically send updates of all configuration changes including resource updation, creation, and deletion.
Read more about AWS Config
SanerNow is an integrated platform that helps businesses secure system devices and monitor potential threats across digital assets via patch management, endpoint detection & response (EDR), and more. Key features include regulatory compliance, asset management, audit trails, and reporting.
Read more about SanerNow
vRealize Automation (vRA) is a web-based configuration management software designed to help organizations streamline IT services requests made by authorized administrators, business users or developers from a secure portal whilst maintaining compliance with industrial policies.
Read more about vRealize Automation
USM Anywhere is a cloud-based threat detection and response software designed to help IT professionals automatically collect and analyze data across cloud, on-premise, and hybrid environments. Powered by Alien Labs, the platform lets security teams leverage data from leverages from the Open Threat Exchange (OTX) to gain threat intelligence.
Read more about USM Anywhere
DriveStrike is a cloud-based data and device protection solution which helps businesses of all sizes with data security and compliance. Key features include incident management, policy management, automated device recognition, real time monitoring, and remote locking.
Read more about DriveStrike
Alert Logic MDR is a managed detection and response platform that helps businesses identify, investigate, and eliminate active threats across networks, applications, and endpoint devices. Features include asset discovery, PCI scanning, behavior tracking, web log analytics & real-time reporting.
Read more about Alert Logic MDR
IncMan SOAR is a cloud-based and on-premise platform, which enables enterprises to manage, evaluate, and plan various security operation tasks such as threat hunting and investigation, triage and escalation, incident qualification, and more using machine learning and automation capabilities.
Read more about IncMan SOAR
Snyk is a cloud-based application security and testing platform, which helps enterprises discover and fix vulnerabilities across open source libraries, containers, or codes throughout the development process. Features include runtime monitoring, reporting, exploitability indicators, alerts, and prioritization.
Read more about Snyk
Automated certificate management solution, capable of detecting all SSL/TLS assets, even unknown. It scans your networks and checks for potential weaknesses and vulnerabilities to be addressed. It provides in-dashboard system health overview, single inventory, expiration reporting and more.
Read more about Keyhub
Veriato RansomSafe is a data protection and defense solution that protects businesses from ransomware attacks. It is designed to detect attacks before data damage or losses occur. Veriato RansomSafe includes features such as file backups, encryption protection, and rapid recovery to protect data.
Read more about Veriato RansomSafe
ArcSight is a vulnerability scanning software that helps businesses utilize machine learning technology to detect threats, handle investigations, create prioritized event lists, and more on a centralized platform. It enables staff members to extract entities from log files and observe events and behavior across users, IP addresses, servers, and...
Read more about ArcSight
SilverSky Managed Security Services is a cloud-based cybersecurity platform that helps businesses monitor firewalls and automate remediation processes to handle threats. Features include routing, authentication, issue tracking, encryption, content filtering, log management, and analytics.
Read more about SilverSky Managed Security Services
Protect Windows systems and Office 365 Data from cyberthreats, natural disaster, human error and sabotage. On-premise and cloud backup solutions that perform automatic, scheduled backups to a variety of backup devices.
Read more about BackupAssist
Dark Web ID is a cloud-based cybersecurity tool, which monitors the dark web and alerts businesses to any risks or threats. The platform can be used by MSPs or enterprises to prevent data breaches and ensure sensitive employee or company data is not available on the dark web.
Read more about Dark Web ID
HackerOne is a web-based cybersecurity platform designed to help businesses across various industry verticals such as education, telecom, aviation, media, financial services, and more eliminate vulnerabilities by securing continuous development processes.
Read more about HackerOne
Greenbone is vulnerability management software for any-level sized businseses for security issue detection. Greenbone is based on open-source software which evaluates and analyzes IT networks, generating security reports, providing remediation advice. Greenbone also offers daily security updates which are atuomatic. The software is available as...
Read more about Greenbone
WhiteSource is the leading solution for agile open source security and management.
We help companies find and fix open source vulnerabilities, including prioritizing vulnerabilities based on vulnerability's effectiveness.
Read more about WhiteSource
HackEDU is a cloud-based solution, which helps businesses manage training programs for software developers. Primarily designed to help development teams improve code quality and maintain compliance, HackEDU offers customized programs, certifications, progress tracking, and more.
Read more about HackEDU
Checkmarx Static Application Security Testing (CxSAST) is designed to help businesses conduct static analysis for identifying vulnerabilities in custom codes and open source applications. It enables DevOps teams to scan source codes in the software development lifecycle (SDLC), mitigate risks, and gain insights into the system's security framework.
Read more about CxSAST
Amazon CloudWatch is a vulnerability management software designed to help DevOps engineers, IT managers, and site reliability engineers (SREs) observe and manage AWS resources. Administrators can gain insights into operational data to visualize logs and utilize machine learning algorithms to detect anomalous behavior across environments.
Read more about Amazon CloudWatch
Vendors bid for placement within our listings. This option sorts the directory by those bids, highest to lowest. Vendors who bid for placement can be identified by the blue “Visit Website” button on their listing.
Sorts products as a function of their overall star rating, normalized for recency and volume of reviews, from highest to lowest.