Security risk analysis software solutions are used by companies to analyze IT portfolios and address potential security issues. These tools monitor networks, applications, and infrastructure to identify vulnerabilities. They then provide users with recommendations to adopt additional security practices or solutions. Companies use these tools to ensure they have a well-rounded security plan and sufficient security technologies. These solutions may have some overlap with IT portfolio analysis software but are specifically targeted toward security operations and software.
To qualify for inclusion in the Security Risk Analysis software category, a product must:
Security Risk Analysis reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.
Built for security practitioners, by security professionals, Nessus Professional is the de-facto industry standard for vulnerability assessment. Nessus performs point-in-time assessments to help security professionals quickly and easily identify and fix vulnerabilities, including software flaws, missing patches, malware, and misconfigurations - across a variety of operating systems, devices and applications. With features such as pre-built policies and templates, customizable reporting, group
Qualys' integrated approach to IT security and compliance enables organizations of all sizes to successfully achieve both vulnerability management and policy compliance initiatives cohesively. Our solutions empower various roles within the organization to meet your unique requirements. Built on top of Qualys’ Infrastructure and Core Services, the Qualys Cloud Suite incorporates the following applications, all of which are delivered via the cloud: • AssetView • Vulnerability Management • Con
Nexpose, Rapid7’s on-premise option for vulnerability management software, monitors exposures in real-time and adapts to new threats with fresh data, ensuring you can always act at the moment of impact. If you’re looking for more advanced capabilities such as Remediation Workflow and Rapid7's universal Insight Agent, check out our platform-based vulnerability management software, InsightVM.
AlienVault USM Anywhere is a cloud-based security management solution that accelerates and centralizes threat detection, incident response, and compliance management for your cloud, hybrid cloud, and on-premises environments. USM Anywhere includes purpose-built cloud sensors that natively monitor your Amazon Web Services (AWS) and Microsoft Azure cloud environments. On premises, lightweight virtual sensors run on Microsoft Hyper-V and VMware ESXi to monitor your virtual private cloud and physica
Netwrix Auditor is a visibility platform for user behavior analysis and risk mitigation that enables control over changes, configurations and access in hybrid IT environments to protect data regardless of its location. The platform provides security intelligence to identify security holes, detect anomalies in user behavior and investigate threat patterns in time to prevent real damage. Netwrix Auditor includes applications for Active Directory, Azure AD, Exchange, Office 365, Windows file serve
Change Tracker Gen7R2 solves IT Security and the problems that plague all organizations – the overwhelming noise of change control and ensuring the integrity of IT systems. Completely redesigned with both security and IT operations in mind, Change Tracker Gen7 R2 is the only solution designed to reduce change noise and the complexity of integrity monitoring and policy management all while allowing for unprecedented scalability and management that meets the most demanding enterprise environments.
Cloud Security Command Center helps security teams gather data, identify threats, and act on them before they result in business damage or loss. It offers deep insight into application and data risk so that you can quickly mitigate threats to your cloud resources and evaluate overall health.
Provides automated security testing and security scan of web applications to identify vulnerabilities, scans your network and devices and suggest to you recommendations on how they can be fixed, and provides a source code analysis to identify and resolve security weaknesses and vulnerabilities
Sophisticated, targeted attacks can take weeks, months or longer to discover and resolve. Incident response teams need tools that quickly uncover the full source and scope of an attack to reduce time-to-resolution, mitigate ongoing risk and further fortify the network. Like a security camera for the network, Blue Coat Security Analytics delivers full network security visibility, advanced network forensics, anomaly detection and real-time content inspection for all network activity. This effectiv
IBM Application Security on Cloud helps secure your organization's Web and mobile applications, by detecting dozens of today's most pervasive published security vulnerabilities. IBM Application Security on Cloud helps to eliminate vulnerabilities from applications before they are placed into production and deployed. Convenient, detailed reporting permits you to effectively address application security risk, enabling application users to benefit from a more secure experience. IBM Open Source Anal
Alert Logic's SIEMless Threat Management offering seamlessly connects an award-winning security platform, threat intelligence & expert defenders to provide the right level of security & compliance coverage for the right resources across your environments. Choose your level of coverage for asset discovery, vulnerability scanning, cloud configuration checks, threat monitoring, intrusion detection, log collection & monitoring, WAF defense & more - with 24/7 support & SOC service
BeyondTrust Retina CS is the only vulnerability management solution designed from the ground up to provide organizations with context-aware vulnerability assessment and risk analysis. Retina’s results-driven architecture works with users to proactively identify security exposures, analyze business impact, and plan and conduct remediation across network, web, mobile, cloud, virtual, and IoT infrastructure. - Discover network, web, mobile, cloud, virtual, and IoT infrastructure - Profile asset co
The CyberStrong Platform is an integrated risk management solution powering automated, intelligent cybersecurity compliance and risk management. Built on the gold-standard foundation of the NIST Cybersecurity Framework, CyberStrong’s capabilities streamline GRC activities and provide a fully integrated, single pane of glass through which CISOs and their security teams can measure, report, and mitigate risk. CyberStrong's instant time-to-value, rapid implementation, and flexibility is fueled by p
FireMon is the No.1 Intelligent Security Management solution provider, combining advanced automation and analysis to deliver next-generation security intelligence to enterprise organizations, government agencies and managed security providers. The FireMon product suite enables network security and operations teams to more effectively manage their security infrastructure. Security Manager FireMon Security Manager provides continuous visibility into and control over network security devices and
InsightVM, Rapid7’s vulnerability assessment solution, utilizes the power of the Insight platform and the heritage of our award-winning Nexpose product to provide full visibility of your modern ecosystem, prioritize risk using attacker analytics, contain threats, and remediate with SecOps agility. Leveraging InsightVM’s advanced analytics and endpoint technology enables you to discover vulnerabilities in real time and prioritize them actionably. Then, automate remediation by integrating into you
Kenna is a software-as-a-service Risk and Vulnerability Intelligence platform that measures risk and prioritizes remediation efforts before an attacker can exploit an organization's weaknesses, it automates the correlation of vulnerability data, threat data, and 0-day data, analyzing security vulnerabilities against active Internet breaches so that InfoSec teams can prioritize remediations and report on their overall risk posture.
Recorded Future delivers the only complete threat intelligence solution powered by patented machine learning to lower risk. We empower organizations to reveal unknown threats before they impact business, and enable teams to respond to alerts 10 times faster. To supercharge the efforts of security teams, our technology automatically collects and analyzes intelligence from technical, open, and dark web sources and aggregates customer-proprietary data. Recorded Future delivers more context than thr
SAINT developed SAINTCloud® from the ground up to provide all of the power and capability offered in our fully-integrated vulnerability management solution, SAINT Security Suite, without the need to implement and maintain on-premise infrastructure and software. This means more time spent on reducing risk – less time managing the tools you use.
Apptega is cybersecurity management software helping businesses of all sizes easily build, manage and report their cybersecurity programs for SOC 2, NIST, ISO, PCI, SANS, GDPR, HIPAA and many others. Simplify implementing cybersecurity with real-time compliance scoring, project lifecycle, task management, calendaring, collaboration, budgeting and vendor management all in one place giving you complete control of your cybersecurity program and compliance data.
Atomic Enterprise OSSEC is the commercially enhanced version of the OSSEC Intrusion Detection System brought to you by the sponsors of the OSSEC project. OSSEC is the world’s most popular open source host-based intrusion detection system (HIDS) used by tens of thousands of organizations. Atomicorp extends OSSEC with a management console (OSSEC GUI), advanced file integrity management (FIM), compliance auditing and reporting, expert support and more. Intrusion Detection Detect anomalous behavio
AVDS is a complete network scanning solution available in a broad product line. AVDS was designed for continent spanning networks with tens of thousands of IPs, but that same, powerful scanning engine is available in an entry level version for small networks run by a single administrator. It is also available as a hosted solution for the scanning of one to one thousand external IPs or web sites.
Brinqa is a leading provider of unified risk management – enabling stakeholders, governance organizations, and infrastructure security teams to effectively manage technology risk at the speed of business. Brinqa software and cloud services leverage an organization’s existing investment in systems, security, and governance programs to identify, measure, manage and monitor risk. With Brinqa, organizations reduce response time to emerging threats, impact to business, and technology risk and compl
CETBIX Risk Assessment and Management platform which is also a part of the Cetbix Information Security Management System model is seen as a better choice for organizations looking for ISMS that relates to data security. In the cybersecurity zone, the CETBIX standards for best practice have been developed that provide guidance to organizations wishing to defend their data and business assets from cyber crimes. It also prepares you to other industry compliance standards such as the ISO 27001 and m
Cloud Conformity is a cloud infrastructure governance system designed to help you prevent, detect, and correct critical threats to your AWS environments. The Security and Compliance product gives you a deep level of forensics into your cloud architecture to continuously assure any vulnerabilities are caught and fixed with our rules based on the AWS Well-Architected Framework. Furthermore, the tool enables you to constantly benchmark your environments against global standards such as PCI-DSS, C
CyberInt developed the CybeReadiness Suite to enable CISOs and senior executives to continuously measure and monitor their organization’s cyber readiness. The suite simulates complex attack scenarios targeting your organization, all from the perspective of an attacker, validating your defense's efficiency in the face of current and emerging cyber threats.
Cybergovernance Maturity Oversight Model (CMOM) is a SaaS platform that collects data on cybersecurity controls within an organization to generate information needed for directors and executive management to identify defensive weak spots, assign responsibility to managers, encourage inter-departmental collaboration and demonstrate active and evolving cybersecurity maturity.
Digital Shadows monitors and manages an organization’s digital risk, providing relevant threat intelligence across the widest range of data sources within the open, deep, and dark web to protect their brand, and reputation.The Digital Shadows SearchLight™ service combines scalable data analytics with human data analysts to manage and mitigate risks to your business.