Top Free Security Risk Analysis Software

Check out our list of free Security Risk Analysis Software. Products featured on this list are the ones that offer a free trial version. As with most free versions, there are limitations, typically time or features.

If you'd like to see more products and to evaluate additional feature options, compare all Security Risk Analysis Software to ensure you get the right product.

(161)4.4 out of 5
Optimized for quick response
Entry Level Price:$2,790

Built for security practitioners, by security professionals, Nessus Professional is the de-facto industry standard for vulnerability assessment. Nessus performs point-in-time assessments to help security professionals quickly and easily identify and fix vulnerabilities, including software flaws, missing patches, malware, and misconfigurations - across a variety of operating systems, devices and applications. With features such as pre-built policies and templates, customizable reporting, group

I like this product where I used to scan the network devices like routers, firewalls, switches , workstations,Linux servers and windows servers and... Read review
Low pricing, trial versions, seamless and simple user friendly UI Read review
(107)4.4 out of 5
Optimized for quick response

AlienVault USM Anywhere is a cloud-based security management solution that accelerates and centralizes threat detection, incident response, and compliance management for your cloud, hybrid cloud, and on-premises environments. USM Anywhere includes purpose-built cloud sensors that natively monitor your Amazon Web Services (AWS) and Microsoft Azure cloud environments. On premises, lightweight virtual sensors run on Microsoft Hyper-V and VMware ESXi to monitor your virtual private cloud and physica

Matthew W.
AlienVault USM Anywhere is easy to deploy with their Cloud-based model and deploying the required agents on-prem (or in the Cloud) is quick and... Read review
Kristopher H.
I like the fact they provide a free version of their flagship product in a .ova or vmdk file format so it is quickly loaded into VMWare or... Read review
(22)4.4 out of 5

Netwrix Auditor is a visibility platform for user behavior analysis and risk mitigation that enables control over changes, configurations and access in hybrid IT environments to protect data regardless of its location. The platform provides security intelligence to identify security holes, detect anomalies in user behavior and investigate threat patterns in time to prevent real damage. Netwrix Auditor includes applications for Active Directory, Azure AD, Exchange, Office 365, Windows file serve

Adam B.
Email based alerting and reporting, exhaustive options for tracking changes to active directory. Clear and concise. SQL based logs of all data... Read review
Kyle R.
The reporting that is provided both OOB and available for building are quite robust. The GUI is very easy to navigate and quite intuitive. The... Read review
(27)4.5 out of 5

SecurityScorecard is the global leader in cybersecurity ratings and the only service with over a million companies continuously rated. SecurityScorecard’s patented rating technology is used by over 1,000 organizations for self-monitoring, third-party risk management, board reporting and cyber insurance underwriting; making all organizations more resilient by allowing them to easily find and fix cybersecurity risks across their externally facing digital footprint. SecurityScorecard is the only pr

Brad H.
It's nice to know that they are always watching my critical vendors and I can see how they are scoring. I also like that I can invite vendors to... Read review
(19)4.6 out of 5

Cybersecurity and Compliance Made Easy... Apptega helps businesses of all sizes accelerate and automate compliance efforts, monitor program performance, and always be audit-ready—all while fortifying your cybersecurity. Choose your frameworks, including PCI, SOC 2, NIST, ISO, CIS v7, GDPR, HIPAA, CCPA and more, and manage your program with: -Automated Cybersecurity Framework Crosswalks -Real-Time Compliance Scoring -Project Management -Workflow & Task Management -Collaboration -Budgeting -P

Andrew G.
Easy to navigate UI/dashboards Lots of cybersecurity frameworks out of the box Detailed controls/tasks for documenting compliance Ease of... Read review
(7)4.8 out of 5

Change Tracker Gen7R2 solves IT Security and the problems that plague all organizations – the overwhelming noise of change control and ensuring the integrity of IT systems. Completely redesigned with both security and IT operations in mind, Change Tracker Gen7 R2 is the only solution designed to reduce change noise and the complexity of integrity monitoring and policy management all while allowing for unprecedented scalability and management that meets the most demanding enterprise environments.

The customer service and support, always willing to listen to feedback and ideas and go the extra mile. Don't feel like I'm just another account... Read review
(7)4.1 out of 5

SanerNow is a SaaS platform for endpoint security and management — a platform that hosts numerous tools to cover various endpoint security and management requirements. SanerNow addresses the following business cases: - Vulnerability Management - Patch Management - Compliance Management - Asset Management - Endpoint Management - Application and Device Control - Software Deployment - Endpoint Threat Detection and Response

Taylo C.
All major security systems are up-to-date with the help of this cloud-based endpoint security. It is very user-friendly. It enables sub-users to... Read review

Frontline Vulnerability Manager™ (Frontline VM™) by Digital Defense provides vulnerability scanning and management that is centralized, powerful, and user friendly. Reports deliver accurate, actionable results that include prioritization features such as security rating and peer comparisons. Delivered via SaaS platform, Frontline VM is lightweight, flexible, and easy to integrate. Learn more at

Digital Defense has been great so far with both vulnerability and penetration scanning and testing. The reports are very easy to decipher, scanning... Read review
The site is really easy to use to determine what machines and devices have issues as will as it contains a great deal of information on how to... Read review

BeyondTrust Retina CS is the only vulnerability management solution designed from the ground up to provide organizations with context-aware vulnerability assessment and risk analysis. Retina’s results-driven architecture works with users to proactively identify security exposures, analyze business impact, and plan and conduct remediation across network, web, mobile, cloud, virtual, and IoT infrastructure. - Discover network, web, mobile, cloud, virtual, and IoT infrastructure - Profile asset co

Reporting and vulnerability classification. Read review
The best feature of this is identifying the configuration weaknesses in a network.It is best useful to discover, profile and assess all assets... Read review
(1)2.5 out of 5

Integrates and correlates vulnerability scanners data and multiple exploit feeds combined with business and IT factors and to prioritize cyber security risks. Helps CISO, Red Teams and Vulnerability Assessment Teams reduce time-to-fix, prioritize and report risks. Used by Governments, Military, Banking, Finance, and E-Commerce companies

easy to identify GDPR conflicts manage and resolve. Read review
(3)4.7 out of 5

Certa is a no-code SaaS solution with tailorable workflows. Our platform addresses the full lifecycle of direct and indirect suppliers from onboarding, risk assessment, contracting, to ongoing monitoring enabling faster onboarding, lesser efforts, and errors.

I do not have any more paper credit applications. Read review
Easy to navigate, and data is readily available! Read review

The CyberStrong Platform powers automated, intelligent cybersecurity compliance and risk management and an Integrated Risk Management strategy. Built on the gold-standard foundation of the NIST Cybersecurity Framework, CyberStrong’s capabilities streamline GRC activities and provide a fully integrated, single pane of glass through which CISOs and their security teams can measure, report, and mitigate risk. CyberStrong's purpose-built functionality includes rapid implementation and flexibility th

It's a great all around tool... Provide insight and simplification to the often confusing topics and language used in compliance frameworks. Makes... Read review
(1)3.5 out of 5

Nipper discovers vulnerabilities in firewalls, switches and routers, automatically prioritizing risks to your organization. Our virtual modelling reduces false positives and identifies exact fixes to help you stay secure and compliant Analyzing the configurations and interactions of your network infrastructure with the expertize of a skilled penetration tester – Nipper’s unrivaled accuracy can save Network Administrators up to 3 hours per audit, per device. Instead of spending time investigatin

Frank B.
The software does a great job creating an effective report that dives into security flaws with a network configuration. The ability for it to... Read review
(11)4.4 out of 5

Companies like Intercontinental Exchange, Taylor Fry, The New York Stock Exchange, IAG, First State Super, Akamai, Morningstar, and NASA use UpGuard's security ratings to protect their data, prevent data breaches and assess their security posture. UpGuard Vendor Risk ( can minimize the amount of time your organization spends assessing related and third-party information security controls by automating vendor questionnaires and providing vendor question

UpGuard delivers Cyber Resilience for digital businesses, enabling IT teams to trust their systems Read review
(1)0.0 out of 5

ASPIA is an Automated and Simplified Application Security Management Platform that significantly reduces manual efforts and greatly simplifies the assessment process.Smart remediation decisions based on comprehensive risk visibility helps senior management improve overall risk management efforts.Automated Report generation and Reminders along with access to all tools under one roof saves time and resources for the security teams.

Automated alerts and reports. Unified Dashboard. Analytics and graphs. Control over the security assessment process. Read review
0 ratings

Cymptom's Network Security Posture Management platform is the only solution that provides continuous full visibility of the entire hybrid network threat landscape in real-time. Cymptom maps all misconfigurations, segmentation flaws, weaknesses and vulnerabilities, as well as open ransomware vectors in the hybrid network continuously in real-time. Unlike standard security tools, Cymptom identifies all open attack paths in the organizational network and alerts about critical risks as soon as they

0 ratings

Digital Shadows SearchLight protects against external threats, continually identifying where your assets are exposed, providing sufficient context to understand the risk, and options for remediation.

0 ratings

FireMon is the #1 security automation solution for hybrid cloud enterprises. FireMon delivers persistent network security for multi-cloud environments through a powerful fusion of real-time asset visibility, compliance, and automation. Since creating the first-ever network security policy management solution, FireMon has delivered command and control over complex network security infrastructures for more than 1,700 customers located in nearly 70 countries around the world. FireMon Automation de

(1)4.0 out of 5

inDefend is a comprehensive solution that helps to detect various types of insider threats and also prevent the leakage of sensitive data through various communication channels on endpoints. This solution is built to achieve complete transparency over all the digital assets residing within the organization, thus, ensuring maximum security and solid safeguarding against all such threats across the organization.

Support for all OS type like Linux, Ubuntu, Fedora, MAC and Windows along with Email gateway monitoring and Printer monitoring add edge to its... Read review

IntSights is the leading external threat intelligence and protection platform, designed to neutralize threats outside the wire. The IntSights solution suite equips cybersecurity teams worldwide to more effectively detect and prevent threats at their source before they even reach the perimeter. The founders are veterans of elite Israeli military intelligence units, where they acquired a deep understanding of the hacker mindset, as well as the most effective techniques to defend against it. IntSi

0 ratings

Mageni is a vulnerability scanning and vulnerability management solution that empowers use to find, prioritize, remediate and manage vulnerabilities before they are exploited by hackers.

0 ratings

Zeguro offers cyber insurance and an easy-to-use cyber risk management solution, Zeguro Cyber Safety. Designed for small to midsize businesses, our Cyber Safety platform includes: cybersecurity training to improve employee security awareness, customizable pre-built security policy templates for regulatory compliance, and automated web app scanning to monitor for and mitigate vulnerabilities. Zeguro Cyber Safety users can also enjoy potential savings in their cyber insurance, which Zeguro price

Top 10 Free Security Risk Analysis Software in 2021

  • Nessus
  • AlienVault USM (from AT&T Cybersecurity)
  • Netwrix Auditor
  • SecurityScorecard
  • Apptega