# Best Vulnerability Scanner Software for Small Business - Page 2

*By [Lauren Worth](https://research.g2.com/insights/author/lauren-worth)*


Products classified in the overall Vulnerability Scanner category are similar in many regards and help companies of all sizes solve their business problems. However, small business features, pricing, setup, and installation differ from businesses of other sizes, which is why we match buyers to the right Small Business Vulnerability Scanner to fit their needs. Compare product ratings based on reviews from enterprise users or connect with one of G2&#39;s buying advisors to find the right solutions within the Small Business Vulnerability Scanner category.

In addition to qualifying for inclusion in the Vulnerability Scanner Software category, to qualify for inclusion in the Small Business Vulnerability Scanner Software category, a product must have at least 10 reviews left by a reviewer from a small business.





## Top Vulnerability Scanner Software at a Glance
| # | Product | Rating | Best For | What Users Say |
|---|---------|--------|----------|----------------|
| 1 | [Wiz](https://www.g2.com/products/wiz-wiz/reviews) | 4.7/5.0 (822 reviews) | Risk-based cloud vulnerability prioritization with context | "[Wiz Delivers Clear Visibility Into Cloud Risks That Truly Matter](https://www.g2.com/survey_responses/wiz-review-12960477)" |
| 2 | [Aikido Security](https://www.g2.com/products/aikido-security/reviews) | 4.6/5.0 (202 reviews) | Auto-triaged DevSecOps scanning with low false positives | "[Enterprise Security Without an Enterprise Security Team](https://www.g2.com/survey_responses/aikido-security-review-13108704)" |
| 3 | [Orca Security](https://www.g2.com/products/orca-security/reviews) | 4.7/5.0 (300 reviews) | Agentless cloud vulnerability scanning with contextual risk prioritization | "[Orca Makes Shadow AI Agents Visible and Governable Across Our Cloud](https://www.g2.com/survey_responses/orca-security-review-13119948)" |
| 4 | [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) | 4.5/5.0 (289 reviews) | Credentialed infrastructure scans with compliance auditing | "[Self-Contained Nessus Scanning with Full Control in Offline Environments](https://www.g2.com/survey_responses/tenable-nessus-review-12937668)" |
| 5 | [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) | 4.6/5.0 (212 reviews) | SaaS pentest certification with manual validation | "[Smooth Onboarding, Responsive Support, and Strong Pentest Lifecycle Controls](https://www.g2.com/survey_responses/astra-pentest-review-13001206)" |
| 6 | [Intruder](https://www.g2.com/products/intruder/reviews) | 4.8/5.0 (207 reviews) | Continuous vulnerability scanning with emerging threat detection | "[Reliable Service with Flexible Plans and Strong Support](https://www.g2.com/survey_responses/intruder-review-13110046)" |
| 7 | [Sysdig Secure](https://www.g2.com/products/sysdig-sysdig-secure/reviews) | 4.8/5.0 (110 reviews) | Runtime vulnerability detection in Kubernetes workloads | "[Excellent Real-Time Kubernetes Security Visibility and Threat Detection](https://www.g2.com/survey_responses/sysdig-secure-review-12711991)" |
| 8 | [CrowdStrike Falcon Cloud Security](https://www.g2.com/products/crowdstrike-falcon-cloud-security/reviews) | 4.6/5.0 (116 reviews) | — | "[Unified Cloud Posture Visibility with CrowdStrike Falcon Cloud Security](https://www.g2.com/survey_responses/crowdstrike-falcon-cloud-security-review-13109056)" |
| 9 | [Burp Suite](https://www.g2.com/products/burp-suite/reviews) | 4.8/5.0 (126 reviews) | Manual web application penetration testing workflows | "[Complete Control Over Web Requests with Burp Suite](https://www.g2.com/survey_responses/burp-suite-review-12677559)" |
| 10 | [Tenable Vulnerability Management](https://www.g2.com/products/tenable-vulnerability-management/reviews) | 4.5/5.0 (113 reviews) | Risk-based vulnerability prioritization with VPR scoring | "[TVM Does What You Need](https://www.g2.com/survey_responses/tenable-vulnerability-management-review-12937561)" |

---
## What Are the Most Common Questions About Vulnerability Scanner Software?
*AI-generated · Last updated: May 26, 2026*
### What platform provides detailed vulnerability reporting and analytics?
Based on G2 reviews, several vulnerability scanner software products are praised for detailed reporting and clear visibility into findings. According to verified users, Tenable Nessus stands out for detailed reports, audit-friendly outputs, and remediation suggestions, while Intruder reviewers mention clear dashboards and practical reporting that help teams understand and act on issues quickly. G2 reviewers also mention Edgescan for trend reporting, time-to-resolve visibility, and dashboards that help track remediation progress over time. Buyers looking for strong reporting and analytics often value products that combine understandable findings with prioritization and historical visibility so teams can communicate risk clearly and manage remediation more efficiently.


### What platform integrates scanning with patch management systems?
Based on G2 reviews, products in this category often support remediation workflows by helping teams connect findings to patching or operational processes. According to verified users, CyberSmart is noted for patch management alongside vulnerability visibility, helping teams see outdated systems and remediate them from the same workflow. G2 reviewers also mention ConnectSecure Vulnerability and Compliance Manager and APPCHECK as tools that support organized remediation, while Qualys and Tenable products are described as integrating findings into broader operational environments. Buyers evaluating vulnerability scanner software for this use case should prioritize products reviewers say make it easier to move from finding issues to coordinating fixes, especially when patching and compliance work need to stay tightly connected.


### What is the most affordable vulnerability scanner for SMBs?
Based on G2 reviews, affordability for SMBs is usually described in terms of value, ease of setup, and reduced manual work rather than exact pricing. According to verified users, Aikido Security is frequently described as friendly for small and mid-sized businesses, with reviewers highlighting strong value and straightforward setup. G2 reviewers also mention Intruder as cost-effective and easy to operate, while Offensity is noted as an affordable way to stay on top of cyber risks without hiring dedicated experts. For SMB buyers, the strongest value signals in recent reviews come from products that combine simple onboarding, actionable findings, and automation that reduces the need for extra security staffing.

**Here are some of the top-rated products on G2:**

- [Aikido Security](https://www.g2.com/products/aikido-security/reviews/aikido-security-review-11660004) – reviewers describe it as suitable for SMBs with broad automated security testing and simple setup
- [Intruder](https://www.g2.com/products/intruder/reviews/intruder-review-11847236) – users highlight cost-effective scanning, easy implementation, and low operational overhead
- [Offensity](https://www.g2.com/products/offensity/reviews/offensity-review-11393651) – reviewers call out affordability and continuous automated scans for smaller teams


### Which vendor offers automated remediation guidance for vulnerabilities?
Based on G2 reviews, several vendors are recognized for helping teams move from findings to fixes with clear remediation guidance. According to verified users, Wiz is frequently praised for actionable remediation steps, contextual prioritization, and guidance that helps security and engineering teams understand what to fix first. G2 reviewers also mention Tenable Nessus for helpful remediation tips and APPCHECK for making vulnerability assignment and management easier. Buyers looking for vulnerability scanner software with strong remediation support should focus on products reviewers say reduce manual triage, explain issues clearly, and provide practical next steps instead of only listing findings.


### Which solution supports vulnerability scanning for cloud environments?
Based on G2 reviews, cloud vulnerability scanning is a major strength for multiple products in this category. According to verified users, Wiz is repeatedly praised for broad visibility across cloud environments, including vulnerabilities, misconfigurations, and risk prioritization in a single platform. G2 reviewers also mention Orca Security for agentless cloud scanning and centralized visibility, while Intruder and CrowdStrike Falcon Cloud Security are described as helping teams monitor cloud assets and workloads more effectively. Buyers focused on cloud use cases should look for recent review themes around fast onboarding, multi-cloud visibility, and the ability to prioritize real risks rather than simply generating large volumes of alerts.


### What is the top-rated vulnerability scanner for large organizations?
Based on G2 reviews, Wiz appears most frequently in recent feedback and is consistently described as a strong fit for large, complex environments. According to verified users, it helps organizations unify cloud visibility, reduce alert fatigue, and prioritize risks across broad environments without adding heavy deployment friction. G2 reviewers mention benefits such as multi-cloud visibility, strong collaboration across security and engineering teams, and support for scaling security operations in complex estates. For large organizations, the most common recent themes are broad coverage, contextual prioritization, and the ability to consolidate multiple security workflows into one platform, all of which are repeatedly associated with Wiz in the supplied review set.


### What is the best vulnerability scanning tool for enterprise IT teams?
Based on G2 reviews, Wiz is the strongest recent fit for enterprise IT teams because reviewers repeatedly describe it as helping large teams unify visibility, prioritize meaningful risks, and coordinate remediation across complex environments. According to verified users, it reduces noise by connecting vulnerabilities, misconfigurations, and exposures in context, which helps enterprise teams focus their efforts more effectively. G2 reviewers also mention fast onboarding, strong integrations, and better collaboration between security, infrastructure, and engineering teams. In the supplied review set, those enterprise-focused themes appear most consistently around Wiz, making it the clearest recent answer for buyers seeking a broad, scalable vulnerability scanner software platform.


### Which tool supports scanning for compliance with industry standards?
Based on G2 reviews, several tools are used to support compliance-driven vulnerability scanning. According to verified users, Tenable Nessus is commonly mentioned for helping teams scan against recognized standards and create reports for audit and compliance use cases. G2 reviewers also mention Intruder for ongoing scanning tied to compliance workflows, CyberSmart for Cyber Essentials-related monitoring, and Wiz for supporting PCI, SOC, and broader compliance visibility in cloud environments. Buyers looking for compliance-focused vulnerability scanner software should prioritize tools reviewers say generate understandable reports, surface remediation clearly, and fit into recurring audit or certification processes without adding heavy manual work.


### Which vendor provides real-time vulnerability detection and alerts?
Based on G2 reviews, real-time or continuously updated visibility is a common requirement for buyers who need fast response to new issues. According to verified users, Wiz is repeatedly described as providing rapid visibility into vulnerabilities and risks across cloud environments, with contextual prioritization that helps teams respond faster. G2 reviewers also mention Intruder for automatic scanning and timely notifications, while CyberSmart is noted for real-time style reporting on vulnerabilities and patching needs. For this use case, buyers should look for products that reviewers say combine continuous monitoring with useful alerts, so teams can act quickly without being buried in low-value noise.


### Which vulnerability scanner offers the most accurate network security assessments?
Based on G2 reviews, Tenable Nessus is one of the clearest choices for accurate network-focused assessments. According to verified users, it is praised for high scanning accuracy, broad plugin coverage, clear reports, and fast identification of vulnerabilities across networks and hybrid environments. G2 reviewers mention that it helps uncover hidden issues, supports regular scanning, and provides actionable remediation tips that make findings easier to address. Other products in the dataset also support network visibility, but Nessus is the one most directly associated in recent reviews with accurate, dependable vulnerability assessments for network assets and infrastructure.




## G2 Grid® for Vulnerability Scanner Software
![G2 Grid® for Vulnerability Scanner Software plotting products by satisfaction and market presence](https://www.g2.com/categories/vulnerability-scanner/grids.png?focus%5B%5D=1259627&focus%5B%5D=154599&focus%5B%5D=146504&focus%5B%5D=27706&focus%5B%5D=20460&focus%5B%5D=32494&focus%5B%5D=32486&focus%5B%5D=118473)
Highlighted products: Aikido Security, Astra Pentest, Wiz, Intruder, Sysdig Secure, Tenable Nessus, Burp Suite, and CyberSmart.
Underlying data: [Grid® JSON](https://www.g2.com/categories/vulnerability-scanner/grids.json?focus%5B%5D=aikido-security&amp;focus%5B%5D=astra-pentest&amp;focus%5B%5D=wiz-wiz&amp;focus%5B%5D=intruder&amp;focus%5B%5D=sysdig-sysdig-secure&amp;focus%5B%5D=tenable-nessus&amp;focus%5B%5D=burp-suite&amp;focus%5B%5D=cybersmart&amp;segment=small-business)


## How Many Vulnerability Scanner Software Products Does G2 Track?
**Total Products under this Category:** 223

### Category Stats (Jul 2026)
- **Average Rating**: 4.58/5 (↓0.01 vs Jun 2026) The average rating of products in this category, based on all submitted ratings
- **Top Trending Product**: CybaOps (+8.33%) - Among all products in this category, CybaOps recorded the largest rating increase compared to last month
*Last updated: July 16, 2026*


## How Does G2 Rank Vulnerability Scanner Software Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 7,500+ Authentic Reviews
- 223+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.



---

**Sponsored**

### Intruder

Intruder&#39;s continuous exposure management platform helps security, IT, and engineering teams stop breaches before they start. By unifying AI penetration testing, attack surface monitoring, cloud security, and vulnerability management in one intuitive platform, Intruder gives stretched teams an always-on security source of truth. Our approach focuses on continuous automated scanning using expertise and agentic solutions to ensure that the findings we deliver are accurate, prioritized by real-world risk, and ready to act on. Founded in 2015 by Chris Wallis, a former ethical hacker turned corporate blue teamer, Intruder is now protecting over 3,000 companies worldwide. Intruder has been awarded multiple accolades, was selected for GCHQ’s Cyber Accelerator, included on Deloitte’s Tech Fast 50 2023 list as the fastest-growing cybersecurity company in the UK and was named in G2’s 2026 Best Software Awards.



[Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=1423&amp;secure%5Bchosen_at%5D=2026-07-17T12%3A12%3A14Z&amp;secure%5Bdisplayable_resource_id%5D=1423&amp;secure%5Bdisplayable_resource_type%5D=Category&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bplacement_reason%5D=page_category&amp;secure%5Bplacement_resource_ids%5D%5B%5D=1423&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=27706&amp;secure%5Bresource_id%5D=1423&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fvulnerability-scanner%2Fsmall-business%3Fpage%3D2&amp;secure%5Btoken%5D=1eddc5f484cdb770d169d4bf8fb9dfcb69aef7fadfb6b9f87089b4c5ac583f5e&amp;secure%5Burl%5D=https%3A%2F%2Fwww.intruder.io%2F%3Futm_source%3Dg2%26utm_medium%3Dp_referral%26utm_campaign%3Dglobal%7Cfixed%7Cg2_clicks_2025&amp;secure%5Burl_type%5D=free_trial)

---


## Vulnerability Scanner Software Features & Capabilities

### What are the Best Vulnerability Scanner Software with Compliance Testing?
Allows users to scan applications and networks for specific compliance requirements.

**Top-rated Vulnerability Scanner Software for Compliance Testing:**
- [Wiz](https://www.g2.com/products/wiz-wiz/reviews)
- [Aikido Security](https://www.g2.com/products/aikido-security/reviews)
- [Orca Security](https://www.g2.com/products/orca-security/reviews)
[Explore Vulnerability Scanner Software with Compliance Testing](https://www.g2.com/categories/vulnerability-scanner/f/compliance-testing)

### What are the Best Vulnerability Scanner Software with Perimeter Scanning?
Analyzes network devices, servers and operating systems for vulnerabilities.

**Top-rated Vulnerability Scanner Software for Perimeter Scanning:**
- [Wiz](https://www.g2.com/products/wiz-wiz/reviews)
- [Aikido Security](https://www.g2.com/products/aikido-security/reviews)
- [Orca Security](https://www.g2.com/products/orca-security/reviews)
[Explore Vulnerability Scanner Software with Perimeter Scanning](https://www.g2.com/categories/vulnerability-scanner/f/perimeter-scanning)

### What are the Best Vulnerability Scanner Software with Manual Application Testing?
Allows users to perfrom hands-on live simulations and penetration tests.

**Top-rated Vulnerability Scanner Software for Manual Application Testing:**
- [Aikido Security](https://www.g2.com/products/aikido-security/reviews)
- [Orca Security](https://www.g2.com/products/orca-security/reviews)
- [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews)
[Explore Vulnerability Scanner Software with Manual Application Testing](https://www.g2.com/categories/vulnerability-scanner/f/manual-application-testing)

### What are the Best Vulnerability Scanner Software with Static Code Analysis?
Scans application source code for security flaws without executing it.

**Top-rated Vulnerability Scanner Software for Static Code Analysis:**
- [Aikido Security](https://www.g2.com/products/aikido-security/reviews)
- [Orca Security](https://www.g2.com/products/orca-security/reviews)
- [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews)
[Explore Vulnerability Scanner Software with Static Code Analysis](https://www.g2.com/categories/vulnerability-scanner/f/static-code-analysis)

### What are the Best Vulnerability Scanner Software with Automated Scans?
Runs pre-scripted vulnerability scans without requiring manual work.

**Top-rated Vulnerability Scanner Software for Automated Scans:**
- [Wiz](https://www.g2.com/products/wiz-wiz/reviews)
- [Aikido Security](https://www.g2.com/products/aikido-security/reviews)
- [Orca Security](https://www.g2.com/products/orca-security/reviews)
[Explore Vulnerability Scanner Software with Automated Scans](https://www.g2.com/categories/vulnerability-scanner/f/automated-scans)


## What Are the Top-Rated Vulnerability Scanner Software Products in 2026?
### 1. [Detectify](https://www.g2.com/products/detectify/reviews)
Detectify sets a new standard for advanced application security testing, challenging traditional DAST by providing evolving coverage of each and every exposed asset across the changing attack surface. AppSec teams trust Detectify to expose how attackers will exploit their Internet-facing applications. The Detectify platform automates continuous real-world, payload-based attacks fuelled by its global community of elite ethical hackers into its own expert-built engines, exposing critical weaknesses before it&#39;s too late. The Detectify solution includes: - Automated discovery of known and unknown digital assets via domain &amp; cloud connectors - Continuous coverage (24/7) of every corner of the attack surface with dynamic testing. Not just predefined targets - 100% payload-based testing fuelled by elite ethical hackers for a high signal-to-noise ratio - Distributed coverage across an unmatched array of relevant technologies - Actionable remediation tips for software development teams - Team functionality to easily share reports - Powerful integrations platform to prioritize and triage vulnerability findings onward to development teams -Advanced API functionality -Capabilities to set custom attack surface security policies


**Average Rating:** 4.5/5.0
**Total Reviews:** 49
**How Do G2 Users Rate Detectify?**

- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.5/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.9/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.3/10 (Category avg: 8.4/10)

**Who Is the Company Behind Detectify?**

- **Seller:** [Detectify](https://www.g2.com/sellers/detectify)
- **Year Founded:** 2013
- **HQ Location:** Stockholm, Sweden
- **Twitter:** @detectify (11,256 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2850066/ (92 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 47% Small-Business, 35% Mid-Market


#### What Are Detectify's Pros and Cons?

**Pros:**

- Automation (2 reviews)
- Automation Testing (2 reviews)
- Customizability (2 reviews)
- Features (2 reviews)
- Security (2 reviews)

**Cons:**

- Complexity (1 reviews)
- Complex Queries (1 reviews)
- Complex Setup (1 reviews)
- Expensive (1 reviews)
- Inaccuracy (1 reviews)


### What Do G2 Reviewers Say About Detectify?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **automation capabilities** of Detectify, enjoying seamless integration and tailored security testing processes.
- Users value the **easy automation and integration** features of Detectify that enhance security testing efficiently.
- Users value the **customizability** of Detectify, enabling easy integration and tailored security testing to fit diverse needs.
- Users appreciate the **easy integration and comprehensive features** of Detectify for efficient security testing.
- Users appreciate Detectify for its **effective dynamic application security testing** , ensuring comprehensive security without complex setups.

**Cons:**

- Users find the **initial complexity** of setting up Detectify to be a challenging aspect of the product.
- Users find the **complex queries** in Detectify challenging, impacting clarity on spidering results and app assessment.
- Users find the **complex setup** of Detectify to be a challenging start, impacting its usability for newcomers.
- Users find Detectify to be **expensive** when testing multiple sites, impacting its affordability for small operations.
- Users find **inaccuracy in outcomes** from Detectify&#39;s spidering, lacking clarity on app assessment completeness.

#### What Are Recent G2 Reviews of Detectify?

**"[Very happy from an admin/IT security manager view](https://www.g2.com/survey_responses/detectify-review-8197913)"**

**Rating:** 5.0/5.0 stars
*— Björn L.*

[Read full review](https://www.g2.com/survey_responses/detectify-review-8197913)

---

**"[Vulnerability scans made easy](https://www.g2.com/survey_responses/detectify-review-9059869)"**

**Rating:** 5.0/5.0 stars
*— Arkadiusz K.*

[Read full review](https://www.g2.com/survey_responses/detectify-review-9059869)

---


#### What Are G2 Users Discussing About Detectify?

- [What is Detectify used for?](https://www.g2.com/discussions/what-is-detectify-used-for)
- [Is Detectify a DAST tool?](https://www.g2.com/discussions/is-detectify-a-dast-tool)
- [How does Detectify app work?](https://www.g2.com/discussions/how-does-detectify-app-work)
- [What does Detectify scan for?](https://www.g2.com/discussions/what-does-detectify-scan-for)
- [What is Detectify Deep scan?](https://www.g2.com/discussions/what-is-detectify-deep-scan)

### 2. [Fortra VM](https://www.g2.com/products/fortra-vm/reviews)
Fortra VM is a proactive, risk-based vulnerability management solution that helps organizations identify, assess, and prioritize security weaknesses across their infrastructure. Beyond basic scanning, Fortra VM provides contextual risk prioritization through its Security GPA rating system, Peer Insight for industry benchmarking, and threat ranking to identify exploitation vectors that are used in real world attacks. Conveniently delivered via SAAS, Fortra VM creates easily understood reporting for efficient and effective remediation.


**Average Rating:** 4.3/5.0
**Total Reviews:** 67
**How Do G2 Users Rate Fortra VM?**

- **Has the product been a good partner in doing business?:** 9.1/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.5/10 (Category avg: 8.9/10)
- **Automated Scans:** 9.2/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.2/10 (Category avg: 8.4/10)

**Who Is the Company Behind Fortra VM?**

- **Seller:** [Fortra](https://www.g2.com/sellers/fortra)
- **Year Founded:** 1982
- **HQ Location:** Eden Prairie, Minnesota
- **Twitter:** @fortraofficial (2,773 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/fortra (1,755 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Financial Services, Banking
- **Company Size:** 45% Mid-Market, 35% Small-Business


#### What Are Fortra VM's Pros and Cons?

**Pros:**

- Customer Support (1 reviews)
- Data Security (1 reviews)
- Ease of Use (1 reviews)
- Incident Management (1 reviews)
- Insights (1 reviews)



### What Do G2 Reviewers Say About Fortra VM?
*AI-generated summary from verified user reviews*

**Pros:**

- Users rave about the **excellent customer support** of Fortra VM, enhancing their overall experience since 2020.
- Users value the **data security features** of Fortra VM, enhancing their endpoint posture and risk management effectively.
- Users find Fortra VM to be **lightweight and user-friendly** , complemented by excellent customer support.
- Users value the **effective incident management** capabilities of Fortra VM for improving endpoint security and remediation efforts.
- Users appreciate the **great value and effectiveness** of Fortra VM in assessing security vulnerabilities and guiding remediation efforts.


#### What Are Recent G2 Reviews of Fortra VM?

**"[the vm has great features](https://www.g2.com/survey_responses/fortra-vm-review-10361310)"**

**Rating:** 5.0/5.0 stars
*— suraj t.*

[Read full review](https://www.g2.com/survey_responses/fortra-vm-review-10361310)

---

**"[Solid platform and service](https://www.g2.com/survey_responses/fortra-vm-review-10727027)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Judiciary*

[Read full review](https://www.g2.com/survey_responses/fortra-vm-review-10727027)

---


#### What Are G2 Users Discussing About Fortra VM?

- [What is beSECURE used for?](https://www.g2.com/discussions/what-is-besecure-used-for)
- [What does digital defense do?](https://www.g2.com/discussions/what-does-digital-defense-do)
- [What tools are used for application vulnerability management?](https://www.g2.com/discussions/frontline-vulnerability-manager-what-tools-are-used-for-application-vulnerability-management)
- [What are the typical features offered by vulnerability scanner?](https://www.g2.com/discussions/frontline-vulnerability-manager-what-are-the-typical-features-offered-by-vulnerability-scanner)
- [What does vulnerability management software do?](https://www.g2.com/discussions/what-does-vulnerability-management-software-do)

### 3. [APPCHECK](https://www.g2.com/products/appcheck/reviews)
AppCheck is a Dynamic Application Security Testing (DAST) and network vulnerability testing solution, developed and supported by experienced penetration testers. We approach security testing as a hacker would, leveraging multiple proprietary crawling engines to analyse target behaviour across both modern and traditional technologies, including Single Page Applications (SPAs), APIs, and complex authentication flows such as SSO, 2FA, and TOTP. Organisations can conduct unlimited security assessments across Web Applications, SPAs, APIs, cloud services, networks, across internal or external assets. Supporting production and UAT testing, AppCheck also helps organisations ‘shift left’ by integrating with CI/CD pipelines and build servers, including ADO, GitHub, Jenkins, TeamCity, CircleCI, TravisCI, Bamboo, and GitLab CI/CD. Allowing automated security testing throughout development, identifying risks as soon as changes are introduced. AppCheck are proud to be part of the CVE Numbering Authority (CNA), contributing to global security research


**Average Rating:** 4.6/5.0
**Total Reviews:** 67
**How Do G2 Users Rate APPCHECK?**

- **Has the product been a good partner in doing business?:** 9.5/10 (Category avg: 9.2/10)
- **Detection Rate:** 9.2/10 (Category avg: 8.9/10)
- **Automated Scans:** 9.5/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.8/10 (Category avg: 8.4/10)

**Who Is the Company Behind APPCHECK?**

- **Seller:** [APPCHECK](https://www.g2.com/sellers/appcheck)
- **Company Website:** https://www.appcheck-ng.com
- **Year Founded:** 2014
- **HQ Location:** Leeds, GB
- **Twitter:** @AppcheckNG (649 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/appcheck-ng-ltd/ (106 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 49% Mid-Market, 30% Small-Business


#### What Are APPCHECK's Pros and Cons?

**Pros:**

- Vulnerability Detection (7 reviews)
- Ease of Use (6 reviews)
- Features (5 reviews)
- Pentesting Efficiency (5 reviews)
- Automated Scanning (4 reviews)

**Cons:**

- Poor Customer Support (2 reviews)
- UX Improvement (2 reviews)
- API Issues (1 reviews)
- Difficult Customization (1 reviews)
- Difficult Learning Curve (1 reviews)


### What Do G2 Reviewers Say About APPCHECK?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **effective vulnerability detection** of AppCheck, which outshines competitors in thoroughness and ease of use.
- Users find the **ease of use** of AppCheck invaluable, simplifying complex security processes effectively and efficiently.
- Users appreciate the **excellent pricing and functionality** of AppCheck, enhancing their vulnerability management and reporting capabilities.
- Users commend AppCheck for its **exceptional pentesting efficiency** , significantly enhancing vulnerability detection and streamlining security processes.
- Users appreciate the **automated scanning** of AppCheck, benefiting from detailed reports and seamless integration with CI/CD pipelines.

**Cons:**

- Users find the **poor customer support** frustrating, as they must submit tickets for simple changes.
- Users feel that **UX improvement** is necessary, particularly in scoring systems, customization, and starting points for scans.
- Users find the **API endpoint changes cumbersome** , relying on service requests instead of having direct control.
- Users find **difficult customization** options in AppCheck, limiting the ability to tailor reports and vulnerability scoring.
- Users note a significant **difficult learning curve** with Appcheck, which can hinder initial usability and efficiency.

#### What Are Recent G2 Reviews of APPCHECK?

**"[Effortless Vulnerability Management with APPCHECK](https://www.g2.com/survey_responses/appcheck-review-12463853)"**

**Rating:** 5.0/5.0 stars
*— Aaron H.*

[Read full review](https://www.g2.com/survey_responses/appcheck-review-12463853)

---

**"[Great onboarding experience and trial](https://www.g2.com/survey_responses/appcheck-review-11771398)"**

**Rating:** 4.0/5.0 stars
*— Tyler S.*

[Read full review](https://www.g2.com/survey_responses/appcheck-review-11771398)

---



### 4. [Defendify All-In-One Cybersecurity Solution](https://www.g2.com/products/defendify-all-in-one-cybersecurity-solution/reviews)
Founded in 2017, Defendify is pioneering All-In-One Cybersecurity® for organizations with growing security needs, backed by experts offering ongoing guidance and support. Delivering multiple layers of protection, Defendify provides an all-in-one, easy-to-use platform designed to strengthen cybersecurity across people, process, and technology, continuously. With Defendify, organizations streamline cybersecurity assessments, testing, policies, training, detection, response &amp; containment in one consolidated and cost-effective cybersecurity solution. 3 layers, 13 solutions, 1 platform, including: • Managed Detection &amp; Response • Cyber Incident Response Plan • Cybersecurity Threat Alerts • Phishing Simulations • Cybersecurity Awareness Training • Cybersecurity Awareness Videos • Cybersecurity Awareness Posters &amp; Graphics • Technology Acceptable Use Policy • Cybersecurity Risk Assessments • Penetration Testing • Vulnerability Scanning • Compromised Password Scanning • Website Security Scanning See Defendify in action at www.defendify.com.


**Average Rating:** 4.7/5.0
**Total Reviews:** 57
**How Do G2 Users Rate Defendify All-In-One Cybersecurity Solution?**

- **Has the product been a good partner in doing business?:** 9.8/10 (Category avg: 9.2/10)
- **Detection Rate:** 9.2/10 (Category avg: 8.9/10)
- **Automated Scans:** 9.4/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.9/10 (Category avg: 8.4/10)

**Who Is the Company Behind Defendify All-In-One Cybersecurity Solution?**

- **Seller:** [Defendify](https://www.g2.com/sellers/defendify)
- **Year Founded:** 2017
- **HQ Location:** Portland, Maine
- **Twitter:** @defendify (305 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/11098948/ (37 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 65% Small-Business, 35% Mid-Market


#### What Are Defendify All-In-One Cybersecurity Solution's Pros and Cons?

**Pros:**

- Ease of Use (8 reviews)
- Cybersecurity (6 reviews)
- Easy Setup (5 reviews)
- Insights (5 reviews)
- Monitoring (5 reviews)

**Cons:**

- Inadequate Reporting (4 reviews)
- Poor Reporting (4 reviews)
- Lack of Information (2 reviews)
- Limited Customization (2 reviews)
- Limited Features (2 reviews)


### What Do G2 Reviewers Say About Defendify All-In-One Cybersecurity Solution?
*AI-generated summary from verified user reviews*

**Pros:**

- Users highlight the **ease of use** of Defendify, streamlining cybersecurity management for organizations with limited resources.
- Users praise Defendify for its **comprehensive and cost-effective cybersecurity features** , streamlining management for small and medium-sized businesses.
- Users appreciate the **easy setup** of Defendify, making configuration and onboarding quick and efficient.
- Users value the **ease of use** of Defendify, enabling quick setup and clear insights into cybersecurity posture.
- Users value the **continuous monitoring** and ease of use of Defendify, enhancing their network security significantly.

**Cons:**

- Users note that the **reporting is inadequate** , desiring improvements like concise summaries and detailed penetration testing results.
- Users feel the **reporting could be improved** , expressing a need for more concise and detailed reports.
- Users feel the **lack of information** in reports diminishes clarity and thoroughness of penetration testing insights.
- Users find the **limited customization** options restrictive, desiring more flexibility in reports and branding features.
- Users find the lack of **custom reporting options** limits their ability to tailor insights for future needs.

#### What Are Recent G2 Reviews of Defendify All-In-One Cybersecurity Solution?

**"[Comprehensive and robust protection](https://www.g2.com/survey_responses/defendify-all-in-one-cybersecurity-solution-review-10560878)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Computer &amp; Network Security*

[Read full review](https://www.g2.com/survey_responses/defendify-all-in-one-cybersecurity-solution-review-10560878)

---

**"[Perfect  Vulnerability Management for Software Companies](https://www.g2.com/survey_responses/defendify-all-in-one-cybersecurity-solution-review-10488301)"**

**Rating:** 4.5/5.0 stars
*— Akhil V.*

[Read full review](https://www.g2.com/survey_responses/defendify-all-in-one-cybersecurity-solution-review-10488301)

---


#### What Are G2 Users Discussing About Defendify All-In-One Cybersecurity Solution?

- [What is Defendify Cybersecurity Platform used for?](https://www.g2.com/discussions/what-is-defendify-cybersecurity-platform-used-for)

### 5. [Cyrisma](https://www.g2.com/products/cyrisma/reviews)
Cyrisma helps MSPs and MSSPs turn cyber risk and compliance into revenue. Its unified platform combines vulnerability management, data and asset discovery, compliance tracking, secure configuration, and dark web monitoring into one continuous experience - enabling partners to identify, prioritize, and remediate cyber risk efficiently. With executive-ready reporting, risk monetization insights, and elegant visuals, Cyrisma helps MSPs demonstrate measurable value, strengthen client relationships, and scale their security services profitably.


**Average Rating:** 4.6/5.0
**Total Reviews:** 60
**How Do G2 Users Rate Cyrisma?**

- **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.7/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.7/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 7.9/10 (Category avg: 8.4/10)

**Who Is the Company Behind Cyrisma?**

- **Seller:** [Cyrisma](https://www.g2.com/sellers/cyrisma)
- **Company Website:** https://www.cyrisma.com/
- **Year Founded:** 2018
- **HQ Location:** Rochester, NY
- **Twitter:** @Cyrisma_USA (43 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/cyrisma/ (14 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CEO
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 75% Small-Business, 22% Mid-Market


#### What Are Cyrisma's Pros and Cons?

**Pros:**

- Time-saving (12 reviews)
- Ease of Use (10 reviews)
- Customer Support (9 reviews)
- Features (8 reviews)
- Vulnerability Identification (8 reviews)

**Cons:**

- Missing Features (4 reviews)
- Not User-Friendly (4 reviews)
- Limited Flexibility (3 reviews)
- Poor Interface Design (3 reviews)
- Poor Navigation (3 reviews)


### What Do G2 Reviewers Say About Cyrisma?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **time-saving features** of Cyrisma, streamlining cybersecurity tasks and enhancing overall efficiency.
- Users appreciate the **intuitive platform** of Cyrisma, making cybersecurity management efficient and straightforward.
- Users commend the **fantastic customer support** of Cyrisma, valuing their responsiveness and helpfulness during product usage.
- Users value the **actionable vulnerability intelligence** of Cyrisma, appreciating its user-friendly dashboard and comprehensive coverage.
- Users love CYRISMA for its **actionable vulnerability intelligence** , streamlining security management with ease and clarity.

**Cons:**

- Users express concerns about **missing features** like better UI, data correlation, and effective patch management in Cyrisma.
- Users find Cyrisma&#39;s interface to be **not user-friendly** , complicating navigation and hindering overall usability and support experience.
- Users feel Cyrisma has **limited flexibility** , finding navigation complex and agent deployment unnecessarily cumbersome.
- Users find the **poor interface design** of Cyrisma challenging, hindering navigation and access to key insights.
- Users find **navigation challenging** in Cyrisma, complicating access to insights and hindering overall usability.

#### What Are Recent G2 Reviews of Cyrisma?

**"[Effortless Penetration Testing with CYRISMA](https://www.g2.com/survey_responses/cyrisma-review-12781999)"**

**Rating:** 5.0/5.0 stars
*— Sarah M.*

[Read full review](https://www.g2.com/survey_responses/cyrisma-review-12781999)

---

**"[CYRISMA offers strong consolidation value, needs enhancements in data correlation &amp; patch coverage](https://www.g2.com/survey_responses/cyrisma-review-11229216)"**

**Rating:** 4.0/5.0 stars
*— Jathin D.*

[Read full review](https://www.g2.com/survey_responses/cyrisma-review-11229216)

---



### 6. [MalCare](https://www.g2.com/products/malcare/reviews)
Mitigate getting blacklisted by Google, being blocked by Webhosts or any possible security threats from the most complex malwares with MalCare&#39;s comprehensive and powerful automatic website malware scanning.


**Average Rating:** 4.1/5.0
**Total Reviews:** 13
**How Do G2 Users Rate MalCare?**

- **Has the product been a good partner in doing business?:** 6.7/10 (Category avg: 9.2/10)
- **Detection Rate:** 6.7/10 (Category avg: 8.9/10)
- **Automated Scans:** 6.7/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 7.5/10 (Category avg: 8.4/10)

**Who Is the Company Behind MalCare?**

- **Seller:** [MalCare](https://www.g2.com/sellers/malcare)
- **Year Founded:** 2016
- **HQ Location:** Bangalore, Karnataka
- **Twitter:** @malcaresecurity (539 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/27206560 (1 employees on LinkedIn®)

**Who Uses This Product?**
- **Company Size:** 92% Small-Business, 15% Mid-Market


#### What Are MalCare's Pros and Cons?

**Pros:**

- Efficiency Improvement (1 reviews)

**Cons:**

- False Positives (1 reviews)


### What Do G2 Reviewers Say About MalCare?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **efficiency improvement** of MalCare, appreciating that it enhances security without slowing down their website.

**Cons:**

- Users have observed **false positives** as MalCare occasionally fails to detect security issues with certain plugins.

#### What Are Recent G2 Reviews of MalCare?

**"[MalCare -  a reliable and efficient choice for securing your WordPress site on Cloudways](https://www.g2.com/survey_responses/malcare-review-10619146)"**

**Rating:** 4.0/5.0 stars
*— Rui d.*

[Read full review](https://www.g2.com/survey_responses/malcare-review-10619146)

---

**"[Great customer service and easy to work with!](https://www.g2.com/survey_responses/malcare-review-9235195)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Hospitality*

[Read full review](https://www.g2.com/survey_responses/malcare-review-9235195)

---


#### What Are G2 Users Discussing About MalCare?

- [What is MalCare waf php?](https://www.g2.com/discussions/malcare-what-is-malcare-waf-php)
- [What is MalCare waf php?](https://www.g2.com/discussions/what-is-malcare-waf-php)
- [Is MalCare plugin safe?](https://www.g2.com/discussions/malcare-is-malcare-plugin-safe)
- [Is MalCare plugin safe?](https://www.g2.com/discussions/is-malcare-plugin-safe)
- [Is MalCare any good?](https://www.g2.com/discussions/malcare-is-malcare-any-good) - 1 comment

### 7. [Pynt - API Security Testing](https://www.g2.com/products/pynt-api-security-testing/reviews)
Pynt is an innovative API Security Testing platform exposing verified API threats through simulated attacks. Hundreds of companies rely on Pynt to continuously monitor, classify and attack poorly secured APIs, before hackers do.


**Average Rating:** 4.8/5.0
**Total Reviews:** 44
**How Do G2 Users Rate Pynt - API Security Testing?**

- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.2/10)
- **Detection Rate:** 9.0/10 (Category avg: 8.9/10)
- **Automated Scans:** 9.2/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.3/10 (Category avg: 8.4/10)

**Who Is the Company Behind Pynt - API Security Testing?**

- **Seller:** [Pynt](https://www.g2.com/sellers/pynt)
- **Year Founded:** 2022
- **HQ Location:** Tel Aviv, IL
- **Twitter:** @pynt_io (361 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/pynt (16 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Computer &amp; Network Security
- **Company Size:** 57% Small-Business, 23% Enterprise


#### What Are Pynt - API Security Testing's Pros and Cons?

**Pros:**

- Vulnerability Detection (20 reviews)
- Security (18 reviews)
- API Management (17 reviews)
- Easy Integrations (16 reviews)
- Automation (15 reviews)

**Cons:**

- Complex Setup (11 reviews)
- Setup Complexity (6 reviews)
- Limited Features (4 reviews)
- Poor Interface Design (4 reviews)
- UX Improvement (4 reviews)


### What Do G2 Reviewers Say About Pynt - API Security Testing?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend Pynt for its **auto-generation of security tests** , making vulnerability detection accessible for all development teams.
- Users commend Pynt for its **impressive security engine** that effectively identifies critical API vulnerabilities quickly.
- Users value the **seamless integration** of Pynt into CI/CD pipelines for automated API security testing and vulnerability identification.
- Users appreciate the **easy integration** of Pynt with their SDLC, enhancing automated API security without disrupting workflows.
- Users highlight the **automation capabilities** of Pynt, streamlining API security tasks and enhancing efficiency in development workflows.

**Cons:**

- Users find the **complex setup** of Pynt challenging, often requiring support which complicates the initial experience.
- Users find the **setup complexity** challenging, often needing support and seeking a more user-friendly interface.
- Users experience **limited features** in Pynt, particularly in reporting, dashboard options, and onboarding processes for complex APIs.
- Users find the **user interface challenging** , especially beginners who struggle with navigation and setup.
- Users find the **user interface challenging** , suggesting improvements for a more user-friendly experience in Pynt.

#### What Are Recent G2 Reviews of Pynt - API Security Testing?

**"[Comprehensive Review of Pynt Tool](https://www.g2.com/survey_responses/pynt-api-security-testing-review-10046930)"**

**Rating:** 5.0/5.0 stars
*— Vijayaraghavan (Vijay) V.*

[Read full review](https://www.g2.com/survey_responses/pynt-api-security-testing-review-10046930)

---

**"[Performance and Usability Review of pynt G2](https://www.g2.com/survey_responses/pynt-api-security-testing-review-11135423)"**

**Rating:** 5.0/5.0 stars
*— Devanggiri G.*

[Read full review](https://www.g2.com/survey_responses/pynt-api-security-testing-review-11135423)

---



### 8. [Qualys VMDR](https://www.g2.com/products/qualys-vmdr/reviews)
Qualys VMDR is an all-in-one risk-based vulnerability management solution that quantifies cyber risk. It gives organizations unprecedented insights into their risk posture and provides actionable steps to reduce risk. It also gives cybersecurity and IT teams a shared platform to collaborate, and the power to quickly align and automate no-code workflows to respond to threats with automated remediation and integrations with ITSM solutions such as ServiceNow.


**Average Rating:** 4.4/5.0
**Total Reviews:** 164
**How Do G2 Users Rate Qualys VMDR?**

- **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.5/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.6/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.4/10 (Category avg: 8.4/10)

**Who Is the Company Behind Qualys VMDR?**

- **Seller:** [Qualys](https://www.g2.com/sellers/qualys)
- **Year Founded:** 1999
- **HQ Location:** Foster City, CA
- **Twitter:** @qualys (34,248 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/8561/ (3,627 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Security Engineer
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 51% Enterprise, 28% Mid-Market


#### What Are Qualys VMDR's Pros and Cons?

**Pros:**

- Vulnerability Detection (2 reviews)
- Vulnerability Identification (2 reviews)
- Alerting System (1 reviews)
- Automation (1 reviews)
- Cloud Integration (1 reviews)

**Cons:**

- Complexity (1 reviews)
- Complex Reporting (1 reviews)
- Complex Setup (1 reviews)
- Difficult Learning (1 reviews)
- Feature Complexity (1 reviews)


### What Do G2 Reviewers Say About Qualys VMDR?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **efficient vulnerability detection** of Qualys VMDR, which enhances security and ensures swift remediation.
- Users value the **swift vulnerability identification** capabilities of Qualys VMDR, enhancing their overall security posture effectively.
- Users value the **real-time alerting system** of Qualys VMDR, ensuring prompt notifications for critical vulnerabilities and swift responses.
- Users value the **automated vulnerability detection** of Qualys VMDR, appreciating its effortless cloud deployment and easy setup.
- Users value the **cloud integration** of Qualys VMDR, as it simplifies deployment without infrastructure requirements.

**Cons:**

- Users find the **interface complex** , making it challenging for newcomers to navigate and use effectively.
- Users find the **complex reporting** of Qualys VMDR challenging, particularly for new users during initial use.
- Users find the **complex setup** challenging, especially for new users grappling with the initial interface.
- Users find the **difficult learning** curve of Qualys VMDR challenging, especially for newcomers to the platform.
- Users find the **interface overly complex** , making it challenging for new users to navigate successfully.

#### What Are Recent G2 Reviews of Qualys VMDR?

**"[One Go Tool for small or medium level Organizations](https://www.g2.com/survey_responses/qualys-vmdr-review-5466550)"**

**Rating:** 4.0/5.0 stars
*— Verified User in Security and Investigations*

[Read full review](https://www.g2.com/survey_responses/qualys-vmdr-review-5466550)

---

**"[Real-Time Asset Visibility and TruRisk Prioritization at Scale](https://www.g2.com/survey_responses/qualys-vmdr-review-12484147)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/qualys-vmdr-review-12484147)

---


#### What Are G2 Users Discussing About Qualys VMDR?

- [What does Qualys Vmdr do?](https://www.g2.com/discussions/what-does-qualys-vmdr-do) - 1 comment
- [What vulnerabilities does Qualys scan for?](https://www.g2.com/discussions/qualys-vmdr-what-vulnerabilities-does-qualys-scan-for)
- [What does Qualys cloud agent do?](https://www.g2.com/discussions/what-does-qualys-cloud-agent-do)
- [How does Qualys patch management work?](https://www.g2.com/discussions/how-does-qualys-patch-management-work)
- [What is Qualys software?](https://www.g2.com/discussions/what-is-qualys-software)

### 9. [BugProve](https://www.g2.com/products/bugprove/reviews)
As former security researchers, we founded BugProve to deliver the level of security that IoT deserves! Experience peace of mind by leveraging our automated firmware analysis platform: Swift Results: Upload your firmware image and receive first results in just 5 minutes. - Supply Chain Risk Management and Compliance: Identify components and known vulnerabilities, and opt for continuous CVE monitoring for compliance assurance. - Zero-day detection: Our built-in zero-day detection engine, PRIS, detects memory corruption vulnerabilities before they can be exploited. - All-in-One Hub: Seamlessly access product security reevaluations, comparisons, and updates, presented in an easily digestible format. - Effortless Sharing: Share findings via live links or export them as PDFs for convenient reporting. Involve your product development team with AI-assisted remediation recommendations. - Accelerated Testing: Save weeks in the pentesting process, enabling you to focus on in-depth discoveries and launch more secure products, without security bottlenecks. - IoT specific, detailed scans: BugProve runs checks directly on firmware, no source code needed. We run advanced static and dynamic analysis, unique multi-binary taint analysis, cryptographic analysis, and security configuration checks. No long-term contracts, commitments, and hidden fees. What’s more, we believe you should test the platform to see what it can do, so we offer a Free Plan. Sign up, and start scanning!


**Average Rating:** 4.9/5.0
**Total Reviews:** 20
**How Do G2 Users Rate BugProve?**

- **Has the product been a good partner in doing business?:** 9.8/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.7/10 (Category avg: 8.9/10)
- **Automated Scans:** 9.5/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.9/10 (Category avg: 8.4/10)

**Who Is the Company Behind BugProve?**

- **Seller:** [BugProve](https://www.g2.com/sellers/bugprove)
- **Year Founded:** 2021
- **HQ Location:** Budapest, HU
- **Twitter:** @Bugprove (147 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/bugprove (2 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security
- **Company Size:** 90% Small-Business, 10% Enterprise



#### What Are Recent G2 Reviews of BugProve?

**"[BugProve has all the potential to be the leading platform for IoT security scanning](https://www.g2.com/survey_responses/bugprove-review-8958416)"**

**Rating:** 4.5/5.0 stars
*— Imre R.*

[Read full review](https://www.g2.com/survey_responses/bugprove-review-8958416)

---

**"[Securing the IoT Landscape: A Thorough Review of BugProve for Firmware Penetration Testing](https://www.g2.com/survey_responses/bugprove-review-8865710)"**

**Rating:** 5.0/5.0 stars
*— Barnabas S.*

[Read full review](https://www.g2.com/survey_responses/bugprove-review-8865710)

---



### 10. [ARMO Platform](https://www.g2.com/products/armo-platform/reviews)
ARMO Platform is the only runtime-driven, open-source first, cloud security platform. It is the only security platform that continuously minimizes cloud attack surface based on runtime insights, while actively detecting and responding to cyberattacks with real risk context. Using an eBPF-based runtime sensor to record application behavior and related activities, ARMO Platform enables DevOps, security, and platform teams to eliminate the security noise and go from thousands of irrelevant alerts to focus on the most important and exploitable threats. This allows those teams to shift from managing hypothetical security issues to mitigating actual risks and providing them with the means to remediate them. ARMO is an open-source-driven company and the creator of Kubescape, a leading open-source Kubernetes security project, now an official CNCF project. To learn more about ARMO Platform please visit: https://www.armosec.io/


**Average Rating:** 4.5/5.0
**Total Reviews:** 44
**How Do G2 Users Rate ARMO Platform?**

- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.4/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.7/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.2/10 (Category avg: 8.4/10)

**Who Is the Company Behind ARMO Platform?**

- **Seller:** [ARMO](https://www.g2.com/sellers/armo)
- **Year Founded:** 2019
- **HQ Location:** Tel Aviv, IL
- **Twitter:** @armosec (3,074 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/armosec/ (96 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 59% Small-Business, 36% Mid-Market


#### What Are ARMO Platform's Pros and Cons?

**Pros:**

- Ease of Use (8 reviews)
- Features (8 reviews)
- Security (8 reviews)
- Deployment Ease (7 reviews)
- Container Security (6 reviews)

**Cons:**

- Integration Issues (5 reviews)
- Missing Features (4 reviews)
- Difficult Configuration (3 reviews)
- Complex Querying (2 reviews)
- Complex Setup (2 reviews)


### What Do G2 Reviewers Say About ARMO Platform?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** of ARMO Platform, as it simplifies security operations and streamlines workflows.
- Users appreciate the **automation and integration features** of ARMO Platform, enhancing efficiency and simplifying security operations.
- Users value ARMO Platform for its **advanced security features** , enhancing Kubernetes application safety and compliance effortlessly.
- Users value the **deployment ease** of ARMO Platform, enabling quick setup and seamless integration with existing tools.
- Users value the **easy setup and automation** of ARMO Platform, enhancing security and compliance for cloud-native applications.

**Cons:**

- Users face **integration issues** with ARMO Platform that lead to disruptions and confusion during project work.
- Users experience **missing features** in ARMO Platform that hinder efficient project workflows and cause confusion during use.
- Users face a **difficult configuration** process on the ARMO Platform, requiring time and effort to master.
- Users face a noticeable **learning curve** with ARMO Platform&#39;s complex interface, impacting efficiency and integration ease.
- Users find the **complex setup** of ARMO Platform challenging, especially those with less experience in Kubernetes.

#### What Are Recent G2 Reviews of ARMO Platform?

**"[Game-Changer for Application Cluster Security &amp; Visibility](https://www.g2.com/survey_responses/armo-platform-review-11603726)"**

**Rating:** 5.0/5.0 stars
*— Jay N.*

[Read full review](https://www.g2.com/survey_responses/armo-platform-review-11603726)

---

**"[Streamlined Kubernetes Security with Actionable Remediations](https://www.g2.com/survey_responses/armo-platform-review-11159133)"**

**Rating:** 4.5/5.0 stars
*— Abhineet S.*

[Read full review](https://www.g2.com/survey_responses/armo-platform-review-11159133)

---


#### What Are G2 Users Discussing About ARMO Platform?

- [What is ARMO used for?](https://www.g2.com/discussions/what-is-armo-used-for)

### 11. [Mend.io](https://www.g2.com/products/mend-io/reviews)
Modern risk doesn&#39;t live in one layer, it lives between them. Mend.io is built for every risk, across AI and AppSec, securing the code layer, the AI layer, and the interactions between them. From discovery and red teaming to guardrails and runtime protection, Mend.io delivers continuous protection across the entire AI application lifecycle. Mend.io solutions include: 1. Mend AI secures the layer where modern risk actually lives—the interaction between code and AI. It continuously discovers AI components (agents, prompts, models), tests real behavioral risk through automated red teaming, and enforces in-app runtime guardrails for one continuous control system for the AI lifecycle. 2. Mend AppSec secures the modern code layer by continuously discovering and prioritizing risk across code, libraries, containers, and dependencies, giving teams the clarity they need to reduce exposure and ship secure software faster. 3. Mend Renovate secures the foundation of every codebase by automatically updating dependencies, rating the likelihood each update will succeed without breaking changes, and grouping them by confidence level so teams can resolve them faster.


**Average Rating:** 4.3/5.0
**Total Reviews:** 109
**How Do G2 Users Rate Mend.io?**

- **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 9.2/10)
- **Automated Scans:** 10.0/10 (Category avg: 9.0/10)

**Who Is the Company Behind Mend.io?**

- **Seller:** [Mend](https://www.g2.com/sellers/mend-ab79a83a-6747-4682-8072-a3c176489d0b)
- **Company Website:** https://mend.io
- **Year Founded:** 2011
- **HQ Location:** Boston, Massachusetts
- **Twitter:** @Mend_io (11,256 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/2440656/ (257 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 37% Small-Business, 34% Mid-Market


#### What Are Mend.io's Pros and Cons?

**Pros:**

- Scanning Efficiency (8 reviews)
- Ease of Use (7 reviews)
- Easy Integrations (6 reviews)
- Scanning Technology (6 reviews)
- Vulnerability Detection (6 reviews)

**Cons:**

- Integration Issues (6 reviews)
- Limited Features (3 reviews)
- Missing Features (3 reviews)
- Complex Implementation (2 reviews)
- Confusing Interface (2 reviews)


### What Do G2 Reviewers Say About Mend.io?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **scanning efficiency** of Mend.io, appreciating its quick and accurate results across multiple repositories.
- Users appreciate the **ease of use** of Mend.io, highlighting simple integration and efficient navigation to find vulnerabilities.
- Users appreciate the **easy integrations** of Mend.io, enabling efficient scanning and streamlined workflows across multiple repositories.
- Users appreciate the **quick and accurate scanning** capabilities of Mend.io, enhancing their development workflow and security.
- Users commend the **excellent automated vulnerability detection** in Mend.io, enhancing efficiency in their CI/CD processes.

**Cons:**

- Users struggle with **integration issues** , finding the setup process for tools like Jira and on-premise systems challenging.
- Users find **limited features** in Mend.io, struggling with functionality and integration challenges for various tools and cases.
- Users note that Mend.io lacks **essential features** , requiring additional tools and workarounds for effective integration.
- Users experience **complex implementation** with Mend.io, citing difficulties in integration and frequent false positives.
- Users find the **confusing interface** of Mend.io awkward, especially when switching between different product portals.

#### What Are Recent G2 Reviews of Mend.io?

**"[Great Tool for Managing 3rd party libraries](https://www.g2.com/survey_responses/mend-io-review-6728890)"**

**Rating:** 4.5/5.0 stars
*— Johannes B.*

[Read full review](https://www.g2.com/survey_responses/mend-io-review-6728890)

---

**"[Effortless Integration with Budget-Friendly Scanning](https://www.g2.com/survey_responses/mend-io-review-4261734)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Computer Software*

[Read full review](https://www.g2.com/survey_responses/mend-io-review-4261734)

---


#### What Are G2 Users Discussing About Mend.io?

- [What is your experience regarding pricing and costs for Mend.io, and how does it compare to other open-source security solutions?](https://www.g2.com/discussions/what-is-your-experience-regarding-pricing-and-costs-for-mend-io-and-how-does-it-compare-to-other-open-source-security-solutions)
- [What is Mend (formerly WhiteSource) used for?](https://www.g2.com/discussions/what-is-mend-formerly-whitesource-used-for)
- [What is white Source bolt?](https://www.g2.com/discussions/what-is-white-source-bolt)
- [What are SCA tools?](https://www.g2.com/discussions/what-are-sca-tools)
- [What is software composition analysis SCA?](https://www.g2.com/discussions/what-is-software-composition-analysis-sca)

### 12. [StackHawk](https://www.g2.com/products/stackhawk/reviews)
StackHawk is reimagining AppSec for AI-driven development, where applications are built faster than traditional AppSec tools can keep up. Our AppSec Intelligence Platform combines scalable runtime testing with complete attack surface discovery from source code. We integrate directly into development workflows and provide context-aware remediations to developers, enabling teams to find and fix exploitable vulnerabilities before they reach production. With real-time visibility and centralized program intelligence, AppSec teams can prioritize testing and fixing what matters. Companies like British Airways, ITV, and Norstella trust StackHawk to evaluate application risk, prove program value, and scale testing coverage to match development velocity.


**Average Rating:** 4.6/5.0
**Total Reviews:** 67
**How Do G2 Users Rate StackHawk?**

- **Has the product been a good partner in doing business?:** 9.1/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.7/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.7/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 5.3/10 (Category avg: 8.4/10)

**Who Is the Company Behind StackHawk?**

- **Seller:** [StackHawk](https://www.g2.com/sellers/stackhawk)
- **Year Founded:** 2019
- **HQ Location:** Denver, CO
- **Twitter:** @StackHawk (1,137 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/40780406/ (31 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer Software
- **Company Size:** 46% Small-Business, 35% Mid-Market


#### What Are StackHawk's Pros and Cons?

**Pros:**

- Easy Integrations (4 reviews)
- Customer Support (3 reviews)
- Customizability (3 reviews)
- Efficiency Improvement (3 reviews)
- Scanning Efficiency (3 reviews)

**Cons:**

- Complex Setup (3 reviews)
- High Learning Curve (3 reviews)
- Lacking Features (3 reviews)
- Limited Scope (3 reviews)
- Setup Complexity (3 reviews)


### What Do G2 Reviewers Say About StackHawk?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **easy integrations** of StackHawk, enhancing CI/CD pipelines and streamlining the onboarding process.
- Users commend StackHawk for its **exceptional customer support** , providing expert assistance and enhancing the overall user experience.
- Users value the **customizability** of StackHawk, appreciating its flexibility and integration options for unique workflows.
- Users find that StackHawk greatly enhances **efficiency** , enabling quicker identification and resolution of security vulnerabilities.
- Users value the **scanning efficiency** of StackHawk, enabling faster and more effective security scanning processes.

**Cons:**

- Users find the **complex setup** process frustrating due to the lack of simplified documentation and time-consuming configurations.
- Users face a **high learning curve** with StackHawk due to its complex setup and scripting requirements.
- Users find StackHawk **lacking features** , especially in API management and intuitive setup, hindering vulnerability management.
- Users note the **limited scope** of StackHawk, particularly regarding on-prem usage and automation capabilities.
- Users find **setup complexity** frustrating, as extensive YAML config trials are necessary for effective onboarding and scans.

#### What Are Recent G2 Reviews of StackHawk?

**"[StackHawk is a great DAST security tool](https://www.g2.com/survey_responses/stackhawk-review-10761348)"**

**Rating:** 5.0/5.0 stars
*— David M.*

[Read full review](https://www.g2.com/survey_responses/stackhawk-review-10761348)

---

**"[A Game-Changer for DevSecOps](https://www.g2.com/survey_responses/stackhawk-review-8847655)"**

**Rating:** 5.0/5.0 stars
*— Todd L.*

[Read full review](https://www.g2.com/survey_responses/stackhawk-review-8847655)

---


#### What Are G2 Users Discussing About StackHawk?

- [What is StackHawk used for?](https://www.g2.com/discussions/what-is-stackhawk-used-for)

### 13. [HostedScan.com](https://www.g2.com/products/hostedscan-com/reviews)
HostedScan provides 24x7 alerts and detection for security vulnerabilities. Industry-standard, open-source, vulnerability scans. Automated alerts when something changes. Manage target list manually or import automatically from providers, such as AWS, DigitalOcean, and Linode, with read-only access. Manage and audit risks with dashboarding and reporting.


**Average Rating:** 4.3/5.0
**Total Reviews:** 13
**How Do G2 Users Rate HostedScan.com?**

- **Has the product been a good partner in doing business?:** 8.3/10 (Category avg: 9.2/10)
- **Detection Rate:** 9.2/10 (Category avg: 8.9/10)
- **Automated Scans:** 10.0/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 10.0/10 (Category avg: 8.4/10)

**Who Is the Company Behind HostedScan.com?**

- **Seller:** [HostedScan](https://www.g2.com/sellers/hostedscan)
- **Year Founded:** 2019
- **HQ Location:** Seattle, Washington
- **Twitter:** @hostedscan (59 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/69116669 (4 employees on LinkedIn®)

**Who Uses This Product?**
- **Company Size:** 85% Small-Business, 15% Mid-Market



#### What Are Recent G2 Reviews of HostedScan.com?

**"[Excellent option for small charities](https://www.g2.com/survey_responses/hostedscan-com-review-9823419)"**

**Rating:** 5.0/5.0 stars
*— Stephen H.*

[Read full review](https://www.g2.com/survey_responses/hostedscan-com-review-9823419)

---

**"[Unmatched customer service](https://www.g2.com/survey_responses/hostedscan-com-review-10196707)"**

**Rating:** 5.0/5.0 stars
*— Maximiliano S.*

[Read full review](https://www.g2.com/survey_responses/hostedscan-com-review-10196707)

---



### 14. [OpenVAS](https://www.g2.com/products/openvas/reviews)
OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.


**Average Rating:** 4.4/5.0
**Total Reviews:** 28
**How Do G2 Users Rate OpenVAS?**

- **Has the product been a good partner in doing business?:** 7.5/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.1/10 (Category avg: 8.9/10)
- **Automated Scans:** 8.3/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 7.0/10 (Category avg: 8.4/10)

**Who Is the Company Behind OpenVAS?**

- **Seller:** [OpenVAS](https://www.g2.com/sellers/openvas)
- **Year Founded:** 2020
- **HQ Location:** Zug, CH
- **Twitter:** @openvas (1,362 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/openvasp-association (2 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer &amp; Network Security, Information Technology and Services
- **Company Size:** 56% Mid-Market, 34% Small-Business



#### What Are Recent G2 Reviews of OpenVAS?

**"[Openvas pros and cons](https://www.g2.com/survey_responses/openvas-review-4559042)"**

**Rating:** 4.5/5.0 stars
*— Talha A.*

[Read full review](https://www.g2.com/survey_responses/openvas-review-4559042)

---

**"[A powerful and free tool](https://www.g2.com/survey_responses/openvas-review-8158632)"**

**Rating:** 4.0/5.0 stars
*— Victor Hugo M.*

[Read full review](https://www.g2.com/survey_responses/openvas-review-8158632)

---


#### What Are G2 Users Discussing About OpenVAS?

- [What is OpenVAS used for?](https://www.g2.com/discussions/what-is-openvas-used-for)

### 15. [S4E](https://www.g2.com/products/s4e/reviews)
S4E.io offers a cutting-edge Continuous Threat Exposure Management (CTEM) solution that leverages a robust microservice architecture to deliver unparalleled security. The platform utilizes the power of artificial intelligence to autonomously conduct comprehensive scans across various attack vectors, identifying and prioritizing potential risks in real time. By assessing vulnerabilities and defining their severity, S4E.io provides actionable insights and AI-supported remediation advice, enabling organizations to efficiently address security gaps. Furthermore, its continuous monitoring capabilities ensure that systems remain under vigilant protection, offering round-the-clock surveillance to detect and respond to emerging threats fastly. With S4E.io, businesses can fortify their defenses with advanced, automated, and intelligent security measures, ensuring a proactive approach to safeguarding digital assets. To visit our pricing packages to get an opinion. https://s4e.io/pricing Pleese do not hesitate to contact with our sales team to benefit discounted rates! sales@s4e.io


**Average Rating:** 4.3/5.0
**Total Reviews:** 15
**How Do G2 Users Rate S4E?**

- **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.2/10)
- **Detection Rate:** 8.3/10 (Category avg: 8.9/10)
- **Automated Scans:** 9.8/10 (Category avg: 9.0/10)
- **Configuration Monitoring:** 8.5/10 (Category avg: 8.4/10)

**Who Is the Company Behind S4E?**

- **Seller:** [Security For Everyone](https://www.g2.com/sellers/security-for-everyone)
- **Year Founded:** 2020
- **HQ Location:** Tallinn, EE
- **Twitter:** @secforeveryone (7,067 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/secforeveryone/ (29 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services
- **Company Size:** 73% Small-Business, 40% Mid-Market


#### What Are S4E's Pros and Cons?

**Pros:**

- Security (3 reviews)
- Automated Scanning (2 reviews)
- Features (2 reviews)
- Vulnerability Identification (2 reviews)
- Automation (1 reviews)

**Cons:**

- Learning Curve (1 reviews)
- Navigation Issues (1 reviews)


### What Do G2 Reviewers Say About S4E?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **automated vulnerability scanning** of S4E, ensuring continuous security and peace of mind.
- Users praise the **automated scanning** of S4E for its ease of use and efficient vulnerability detection.
- Users find the **intuitive dashboard and accurate alerts** of S4E&#39;s CTEM feature enhances their website security effectively.
- Users appreciate the **timely vulnerability identification** by S4E, enabling proactive management of security risks with ease.
- Users appreciate the **automation and timely alerts** of S4E, simplifying the identification of weaknesses post-deployment.

**Cons:**

- Users note a **learning curve** with S4E, requiring time to become familiar with its numerous features.
- Users feel that the **navigation could be improved** for a more seamless and user-friendly experience.

#### What Are Recent G2 Reviews of S4E?

**"[Quick identification doesn&#39;t allow any vulnerabilities to enter in system](https://www.g2.com/survey_responses/s4e-review-10550795)"**

**Rating:** 5.0/5.0 stars
*— Katherine B.*

[Read full review](https://www.g2.com/survey_responses/s4e-review-10550795)

---

**"[Great platform for securing managing APIs efficiently](https://www.g2.com/survey_responses/s4e-review-11616846)"**

**Rating:** 5.0/5.0 stars
*— Talha Y.*

[Read full review](https://www.g2.com/survey_responses/s4e-review-11616846)

---


#### What Are G2 Users Discussing About S4E?

- [What is SecurityForEveryone used for?](https://www.g2.com/discussions/what-is-securityforeveryone-used-for)

### 16. [OnSecurity](https://www.g2.com/products/onsecurity/reviews)
OnSecurity is a leading CREST-accredited penetration testing vendor based in the UK, dedicated to delivering high-impact, high-intelligence penetration testing services to businesses of all sizes. By simplifying the management and delivery of pentesting, we make it easier for organisations to enhance their security posture and mitigate risks, contributing to a safer, more secure digital environment for everyone. Pentesting, Vulnerability Scanning and Threat Intelligence all in one platform. Start your offensive cyber security journey today: https://www.onsecurity.io/


**Average Rating:** 4.9/5.0
**Total Reviews:** 36
**How Do G2 Users Rate OnSecurity?**

- **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.2/10)

**Who Is the Company Behind OnSecurity?**

- **Seller:** [On Security](https://www.g2.com/sellers/on-security)
- **Year Founded:** 2018
- **HQ Location:** Bristol, GB
- **Twitter:** @weareonsecurity (1,338 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/onsecurity (56 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 64% Small-Business, 31% Mid-Market



#### What Are Recent G2 Reviews of OnSecurity?

**"[Quick, easy &amp; reliable for startups](https://www.g2.com/survey_responses/onsecurity-review-8452060)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Health, Wellness and Fitness*

[Read full review](https://www.g2.com/survey_responses/onsecurity-review-8452060)

---

**"[Comprehensive Security Review](https://www.g2.com/survey_responses/onsecurity-review-8720254)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Computer Software*

[Read full review](https://www.g2.com/survey_responses/onsecurity-review-8720254)

---


#### What Are G2 Users Discussing About OnSecurity?

- [What is OnSecurity used for?](https://www.g2.com/discussions/what-is-onsecurity-used-for) - 1 upvote


## What Is Vulnerability Scanner Software?

[DevSecOps Software](https://www.g2.com/categories/devsecops)

## What Software Categories Are Similar to Vulnerability Scanner Software?

- [Penetration Testing Tools](https://www.g2.com/categories/penetration-testing-tools)
- [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast)
- [Risk-Based Vulnerability Management Software](https://www.g2.com/categories/risk-based-vulnerability-management)


---

## How Do You Choose the Right Vulnerability Scanner Software?

### What You Should Know About Vulnerability Scanner Software

### What is Vulnerability Scanner Software?

Vulnerability scanners are used to examine applications, networks, and environments for security flaws and misconfigurations. These tools run a variety of dynamic security tests to identify security threats along an application or network’s attack surface. Scans can be used for anything from an application penetration test to a compliance scan. Depending on the specific objectives a user has, they can customize the vulnerability scanner to test for specific issues or requirements.

Companies can configure these tests to their unique environment. Companies that handle lots of personal or financial data may scan to ensure every transaction or datastore is encrypted from the public. They could also test their web applications against specific threats like SQL injection or cross-site scripting (XSS) attacks. The highly-customizable nature of vulnerability scanners provides users with tailor-made solutions for application and network security examination.

Many of these tools offer continuous scanning and testing for nonstop protection and monitoring. Whatever administrators set as a priority will be tested periodically and inform employees of issues or incidents. Continuous monitoring makes it much easier to discover vulnerabilities before they become an issue and drastically reduce the amount of time a vulnerability takes to remediate.

Top vulnerability scanner software with CVE remediation guidance typically combines automated scanning with prioritized fix recommendations that map findings to severity scores, exposure paths, and patch availability. Based on G2 reviews, security teams evaluate vulnerability scanner software by comparing CVE remediation depth, false positive rates, and how quickly the platform integrates into existing CI/CD pipelines and cloud environments.

Key Benefits of Vulnerability Scanner Software

- Scan networks and applications for security flaws
- Diagnose, track, and remediate vulnerabilities
- Identify and resolve misconfigurations
- Perform ad hoc security tests

### Why Use Vulnerability Scanner Software?

Applications and networks are only beneficial to a business if they operate smoothly and securely. Vulnerability scanners are a useful tool to view internal systems and applications from the perspective of the attacker. These tools allow for dynamic testing while applications operate. This helps security teams take a step beyond patches and code analysis to evaluate security posture while the application, network, or instance actually runs.

**Application security—** Cloud, web, and desktop applications all require security, but operate differently. While many vulnerability scanners support testing for all kinds of applications, vulnerability scanners often support a few application types, but not others. Still, they will all examine the application itself, as well as the paths a user needs to access it. For example, if a vulnerability scanner is used on a web application, the tool will take into account the various attack vectors a hacker might take. This includes a site’s navigation, regional access, privileges, and other factors decided by the user. From there, the scanner will output reports on specific vulnerabilities, compliance issues, and other operational flaws.

**Networks —** While software applications are often the most obvious use cases for vulnerability scanners, network vulnerability scanners are also quite common. These tools take into account the network itself, as well as computers, servers, mobile devices and any other asset accessing a network. This helps businesses identify vulnerable devices and abnormal behaviors within a network to identify and remediate issues as well as improve their network&#39;s security posture. Many even provide visual tools for mapping networks and their associated assets to simplify the management and prioritization of vulnerabilities requiring remediation.

**Cloud environments —** Not to be confused with cloud-based solutions delivered in a SaaS model, cloud vulnerability scanners examine cloud services, cloud computing environments, and integrated connections. Like network vulnerability scanners, cloud environments require an examination on a few levels. Cloud assets come in many forms including devices, domains, and instances; but all must be accounted for and scanned. In a properly secured cloud computing environment, integrations and API connections, assets, and environments must all be mapped, configurations must be monitored, and requirements must be enforced.

Based on G2 reviews, vulnerability scanner platforms generating VLAN audit reports are evaluated primarily by security teams running segmented enterprise networks where compliance frameworks (PCI, HIPAA, SOC 2, ISO 27001) require documented scans across each network zone. Reviewers point to audit-ready compliance reporting, granular scan scope by IP range and network segment, and exportable evidence formats as the features that determine whether the platform shortens the audit prep cycle or adds another step to it.

### What are the Common Features of Vulnerability Scanner Software?

Vulnerability scanners can provide a wide range of features, but here are a few of the most common found in the market.

**Network mapping —** Network mapping features provide a visual representation of network assets including endpoints, servers, and mobile devices to intuitively demonstrate an entire network’s components.

**Web inspection —** Web inspection features are used to assess the security of a web application in the context of its availability. This includes site navigation, taxonomies, scripts, and other web-based operations that may impact a hacker’s abilities.

[**Defect tracking**](https://www.g2.com/categories/vulnerability-scanner/f/issue-tracking) **—** Defect and issue tracking functionality helps users discover and document vulnerabilities and track them to their source through the resolution process.

**Interactive scanning —** Interactive scanning or interactive application security testing features allow a user to be directly involved in the scanning process, watch tests in real time, and perform ad hoc tests.

[**Perimeter scanning**](https://www.g2.com/categories/vulnerability-scanner/f/perimeter-scanning) **—** Perimeter scanning will analyze assets connected to a network or cloud environment for vulnerabilities.

[**Black box testing**](https://www.g2.com/categories/vulnerability-scanner/f/black-box-testing) **—** Black box scanning refers to tests conducted from the hacker’s perspective. Black box scanning examines functional applications externally for vulnerabilities like SQL injection or XSS.

**Continuous monitoring —** Continuous monitoring allows users to set it and forget it. They enable scanners to run all the time as they alert users of new vulnerabilities.

[**Compliance monitoring**](https://www.g2.com/categories/vulnerability-scanner/f/compliance-testing) **—** Compliance-related monitoring features are used to monitor data quality and send alerts based on violations or misuse.

**Asset discovery —** Asset discovery features unveil applications in use and trends associated with asset traffic, access, and usage.

**Logging and reporting —** Log documentation and reporting provides required reports to manage operations. It provides adequate logging to troubleshoot and support auditing.

**Threat intelligence —** Threat intelligence features integrate with or store information related to common threats and how to resolve them once incidents occur.

**Risk analysis —** Risk scoring and risk analysis features identify, score, and prioritize security risks, vulnerabilities, and compliance impacts of attacks and breaches.

**Extensibility —** Extensibility and integration features provide the ability to extend the platform or product to include additional features and functionalities.

Based on G2 reviews, the most trusted vulnerability scanner platforms in 2026 for security teams lead on CVE remediation guidance and easy setup onboarding, with reviewers describing time-to-first-scan in hours rather than weeks. SOC and AppSec teams point to clear remediation steps, severity scoring, and actionable findings as the features that distinguish platforms they actively use from ones that produce noise. Vulnerability scanner solutions with easy setup onboarding are highlighted in recent reviews for delivering full environment visibility on day one through agentless, API-driven architectures, with documentation that reduces the engineering lift typically associated with rolling out vulnerability scanning.

Many vulnerability scanner tools will also offer the following features:&amp;nbsp;

- [Configuration monitoring capabilities](https://www.g2.com/categories/vulnerability-scanner/f/configuration-monitoring)
- [Automated scan capabilities](https://www.g2.com/categories/vulnerability-scanner/f/automated-scans)
- [Manual application testing capabilities](https://www.g2.com/categories/vulnerability-scanner/f/manual-application-testing)
- [Static code analysis capabilities](https://www.g2.com/categories/vulnerability-scanner/f/static-code-analysis)

### Potential Issues with Vulnerability Scanner Software

**False positives —** False positives are one of the most common issues with security tools. They indicate a tool is not running efficiently and introduce lots of unnecessary labor. Users should examine figures related to specific products and their accuracy before purchasing a solution.

**Integrations —** Integrations can make an application or product do virtually anything, but only if the integration is supported. If a specific solution must be integrated or a specific data source is highly relevant, be sure it’s compatible with the vulnerability scanner before making that decision.

**Scalability —** Scalability is always important, especially for growing teams. Cloud and SaaS-based solutions are traditionally the most scalable, but desktop and open source tools may be as well. Scalability will be important for teams considering collaborative use, concurrent use, and multi-application and environment scanning.

### Software and Services Related to Vulnerability Scanner Software

These technology families are either closely related to vulnerability scanners or there is frequent overlap between products.

[**Risk-based vulnerability management software**](https://www.g2.com/categories/risk-based-vulnerability-management) **—** Risk-based vulnerability management software is used to analyze security posture based on a wide array of risk factors. From there, companies prioritize vulnerabilities based on their risk score. These tools often have some overlapping features, but they’re more geared towards prioritizing risks in large organizations rather than identifying vulnerabilities to individual applications or environments.

[**Dynamic application security testing (DAST) software**](https://www.g2.com/categories/dynamic-application-security-testing-dast) **—** DAST software is very closely related to vulnerability scanners and are sometimes used interchangeably. The differentiating factor here, though, is the ability to scan networks, cloud services, and IT assets in addition to applications. While they do scan for vulnerabilities, they won’t allow users to map networks, visualize environments, or examine vulnerabilities beyond the scope of the application.

[**Static application security testing (SAST) software**](https://www.g2.com/categories/static-application-security-testing-sast) **—** SAST software is not that similar to vulnerability scanners, unlike DAST tools. SAST tools allow for the examination of source code and non-operational application components. They also can’t simulate attacks or perform functional security tests. Still, these can be useful for defect and bug tracking if the vulnerability is rooted in an application’s source code.

[**Penetration testing software**](https://www.g2.com/categories/penetration-testing) **—** Penetration testing software is one aspect of vulnerability scanning, but a penetration test will not provide a wide variety of security tests. They are useful for testing common attack types, but they won’t be very effective in identifying and remediating the root cause of a vulnerability.

Based on G2 reviews, Software Composition Analysis tools Jenkins GitLab integration continuous vulnerability scanning is the workflow pattern reviewers describe as the standard for developer-led security programs running checks inside the build pipeline rather than as a separate stage. Reviewers point to agentless, API-driven scanners integrating into CI/CD pipelines to catch secrets, misconfigurations, and open-source dependency vulnerabilities pre-deployment as the setup that scales with engineering velocity. Reviewers note that consolidated platforms unifying SCA, SAST, and exposure-management scanning under one interface are the preferred consolidation pattern over stitching together standalone tools.



