GetApp offers free software discovery and selection resources for professionals like you. Our service is free because software vendors pay us when they generate web traffic and sales leads from GetApp users. Because we’re committed to help you find the right solution for your business needs, we list all software vendors on our website, and give them the opportunity to feature their solutions and collect user reviews. At GetApp, our comprehensive software listings, verified user reviews, software evaluation scorecards, product comparison pages and articles will empower you to make confident and well-informed purchase decisions.
Here's our list of apps for Vulnerability Management Software. Filters help you narrow down the results to find exactly what you’re looking for.
ThreadFix is a vulnerability management solution designed to help businesses consolidate test results and prioritize risk decisions. Software development and server operation teams can export vulnerability data into defect tracking and ticketing systems to resolve discovered vulnerabilities.
Read more about ThreadFix
We provide a Software Security platform designed to bring you objective data so you can make informed decisions regarding the security risks faced by your applications. SAST and open source management of your entire portfolio.
Read more about Kiuwan
Traditional agent-based vulnerability management solutions are unfit for cloud. DevOps doesn't want to be bothered with deploying and maintaining agents on VMs, in containers, and in serverless configurations. Orca detects vulnerabilities, malware, misconfigurations, and more.
Read more about Orca Security
Detectify is a cybersecurity solution designed to help security teams monitor assets and identify threats across web applications. Administrators can add domains or IP addresses, verify asset ownership, and scan profiles to track vulnerabilities including DNS misconfigurations and SQL injections.
Read more about Detectify
Malwarebytes is a network security software that enables businesses to identify and detect potential cyberthreats across networks or enterprise servers. The cloud-based Malwarebytes Nebula platform lets administrators gain visibility into threat patterns from the centralized dashboard.
Read more about Malwarebytes Endpoint Protection
Syxsense is an endpoint security software designed to help SecOps departments, managed service providers (MSPs), and IT professionals maintain threat prevention through authorization scanning, third-party patching, communication blocking from infected devices, and continuous collaboration.
Read more about Syxsense
Runecast Analyzer is a secure (on-premises), real-time issue analysis solution for VMware + AWS hybrid cloud, to automate security and audit compliance, identify and prioritize vulnerabilities, analyze logs for patterns, align with Best Practices, and simulate upgrades against the VMware HCL.
Read more about Runecast Analyzer
Efficiently Reduce Organizational Security Risk with TOPIA's leading vulnerability management platform that provides an efficient way to patch-less and get more.
TOPIA enables companies to analyze, prioritize, and act against software vulnerabilities with or without a security patch.
Read more about TOPIA
DataDome Anti-bot Protection software is a cloud-based platform designed to help businesses identify and prevent bot attacks in real-time using in-memory pattern databases along with machine learning (ML) and artificial intelligence (AI) technologies.
Read more about DataDome
FlexNet Code Insight is designed to help development, legal, and security teams handle open source software (OSS) through automated scans. It enables organizations to manage license compliance and security risks by identifying vulnerabilities during the entire application production lifecycle.
Read more about FlexNet Code Insight
Vulcan Cyber is a vulnerability management software that helps businesses of all sizes identify, prioritize, and remediate risks. Administrators can gain insights into actual risks across attack surfaces on a unified interface.
Read more about Vulcan Cyber
Elasticsearch is a RESTful search & analytics solution designed to helps users search and analyze trends in structured and unstructured data. Key features include data indexing, automatic node recovery, index lifecycle management, audit logging, and alert notifications.
Read more about Elasticsearch
Nessus is a cloud-based vulnerability assessment solution designed to help security practitioners identity and resolve vulnerabilities to protect organizations against various security risks. It comes with pre-defined templates which can be customized by users to scan for critical vulnerabilities.
Read more about Nessus
Automox is a cloud-based cyber hygiene and patch management solution that helps enterprises streamline endpoint protection and minimize cyber threats across all devices. The centralized platform provides users with an overview of devices requiring patch approvals, system updates, or troubleshooting.
Read more about Automox
Netsparker web application security scanning solution automatically identifies XSS, SQL Injection and other vulnerabilities in websites, web applications and web services and lets enterprise-class businesses automate and scale their web security program.
Read more about Netsparker
Qualys Cloud Platform is designed to help businesses automate the security and monitoring of web applications and gain visibility into the utilization of IT assets. It enables IT professionals to detect threats related to unauthorized access across networks and conduct audits and IP scans.
Read more about Qualys Cloud Platform
SiteGround is a cloud-based vulnerability management tool that helps businesses leverage AI technology to monitor and identify potential issues across servers. The application automatically prevents botnet attacks across all servers to prevent unauthorized access and secure other hosting resources.
Read more about SiteGround
vRealize Automation (vRA) is a web-based configuration management software designed to help organizations streamline IT services requests made by authorized administrators, business users or developers from a secure portal whilst maintaining compliance with industrial policies.
Read more about vRealize Automation
USM Anywhere is a cloud-based threat detection and response software designed to help IT professionals automatically collect and analyze data across cloud, on-premise, and hybrid environments. Powered by Alien Labs, the platform lets security teams leverage data from leverages from the Open Threat Exchange (OTX) to gain threat intelligence.
Read more about USM Anywhere
DriveStrike is a cloud-based data and device protection solution which helps businesses of all sizes with data security and compliance. Key features include incident management, policy management, automated device recognition, real time monitoring, and remote locking.
Read more about DriveStrike
SanerNow is an integrated platform that helps businesses secure system devices and monitor potential threats across digital assets via patch management, endpoint detection & response (EDR), and more. Key features include regulatory compliance, asset management, audit trails, and reporting.
Read more about SanerNow
Falcon is a cloud-based endpoint protection platform designed to help enterprises detect, manage, and remediate threats in real-time to prevent data loss. Features include event recording, alerts, prioritization, credential management, and access control.
Read more about Falcon
IncMan SOAR is a cloud-based and on-premise platform, which enables enterprises to manage, evaluate, and plan various security operation tasks such as threat hunting and investigation, triage and escalation, incident qualification, and more using machine learning and automation capabilities.
Read more about IncMan SOAR
Alert Logic MDR is a managed detection and response platform that helps businesses identify, investigate, and eliminate active threats across networks, applications, and endpoint devices. Features include asset discovery, PCI scanning, behavior tracking, web log analytics & real-time reporting.
Read more about Alert Logic MDR
Automated certificate management solution, capable of detecting all SSL/TLS assets, even unknown. It scans your networks and checks for potential weaknesses and vulnerabilities to be addressed. It provides in-dashboard system health overview, single inventory, expiration reporting and more.
Read more about Keyhub
Veriato RansomSafe is a data protection and defense solution that protects businesses from ransomware attacks. It is designed to detect attacks before data damage or losses occur. Veriato RansomSafe includes features such as file backups, encryption protection, and rapid recovery to protect data.
Read more about Veriato RansomSafe
ArcSight is a vulnerability scanning software that helps businesses utilize machine learning technology to detect threats, handle investigations, create prioritized event lists, and more on a centralized platform. It enables staff members to extract entities from log files and observe events and behavior across users, IP addresses, servers, and...
Read more about ArcSight
Snyk is a cloud-based application security and testing platform, which helps enterprises discover and fix vulnerabilities across open source libraries, containers, or codes throughout the development process. Features include runtime monitoring, reporting, exploitability indicators, alerts, and prioritization.
Read more about Snyk
SilverSky Managed Security Services is a cloud-based cybersecurity platform that helps businesses monitor firewalls and automate remediation processes to handle threats. Features include routing, authentication, issue tracking, encryption, content filtering, log management, and analytics.
Read more about SilverSky Managed Security Services
Dark Web ID is a cloud-based cybersecurity tool, which monitors the dark web and alerts businesses to any risks or threats. The platform can be used by MSPs or enterprises to prevent data breaches and ensure sensitive employee or company data is not available on the dark web.
Read more about Dark Web ID
HackerOne is a web-based cybersecurity platform designed to help businesses across various industry verticals such as education, telecom, aviation, media, financial services, and more eliminate vulnerabilities by securing continuous development processes.
Read more about HackerOne
WhiteSource is the leading solution for agile open source security and management.
We help companies find and fix open source vulnerabilities, including prioritizing vulnerabilities based on vulnerability's effectiveness.
Read more about WhiteSource
FireMon is a network security management solution for hybrid cloud that delivers continuous security for multi-cloud enterprise environments through a powerful fusion of vulnerability management, compliance and orchestration.
Read more about Security Manager by FireMon
Crashtest Security is a vulnerability testing software that helps businesses perform automated scans to detect cybersecurity threats across applications. Managers can conduct single-page, multi-page, and documentation-based scans to identify attack vectors across several web applications.
Read more about Crashtest Security
Checkmarx Static Application Security Testing (CxSAST) is designed to help businesses conduct static analysis for identifying vulnerabilities in custom codes and open source applications. It enables DevOps teams to scan source codes in the software development lifecycle (SDLC), mitigate risks, and gain insights into the system's security framework.
Read more about CxSAST
Confidently secure containers, Kubernetes and cloud with the Sysdig Secure DevOps Platform. Scan images, detect and respond to threats, validate cloud posture and compliance, monitor and troubleshoot.
Read more about Sysdig
baramundi Management Suite is an IT asset management software designed to help businesses manage and protect endpoints across multiple corporate networks. Administrators can track application usage and manage licenses on a unified interface.
Read more about baramundi Management Suite
CySight enables organizations to tackle the increasing density, complexity, and expanse of modern physical and cloud networking. Deploying cyber network intelligence, CySight allows network and security teams to substantially accelerate incident response by eliminating blindspots, analyzing network telemetry to discover anomalies, uncover...
Read more about CySight
Intruder is a cloud-based vulnerability scanner which scans digital assets, identifies threats and generates reports. Designed for small to medium businesses, it assists users with automated assessments, bug tracking, patch management, network security, data encryption & hybrid penetration testing.
Read more about Intruder
Fyde is a cloud-based network security solution designed to assist enterprises with providing partners and contractors privileged access to corporate resources and applications. Key features include policy management, application segmentation, threat detection, and identity management.
Read more about Fyde
Cybrhawk SIEM ZTR helps users manage all their data and applications across multiple endpoints, ensuring protection from cyber-crimes, and breaches. It automatically captures, stores, and standardizes security information about domain controllers, network computers, and databases.
Read more about Cybrhawk SIEM ZTR
Vendors bid for placement within our listings. This option sorts the directory by those bids, highest to lowest. Vendors who bid for placement can be identified by the blue “Visit Website” button on their listing.
Sorts products as a function of their overall star rating, normalized for recency and volume of reviews, from highest to lowest.