Best Vulnerability Scanner Software

Vulnerability scanners are tools that constantly monitor applications and networks to identify security vulnerabilities. They work by maintaining an up-to-date database of known vulnerabilities, and conduct scans to identify potential exploits. Vulnerability scanners are used by companies to test applications and networks against known vulnerabilities and to identify new vulnerabilities. The scanners typically produce analytical reports detailing the state of an application or network security and provide recommendations to remedy known issues. Some vulnerability scanners work in a similar manner to dynamic application security testing (DAST) tools, but scan tools instead of mimicking attacks or performing penetration tests.

To qualify for inclusion in the Vulnerability Scanner category, a product must:

  • Maintain a database of known vulnerabilities
  • Continuously scan applications for vulnerabilities
  • Produce reports analyzing known vulnerabilities and new exploits
G2 Grid® for Vulnerability Scanner
High Performers
Market Presence
Star Rating

Vulnerability Scanner reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

Compare Vulnerability Scanner Software

Results: 67
G2 takes pride in showing unbiased ratings on user satisfaction. G2 does not allow for paid placement in any of our ratings.
Results: 67
Filter Results
Filter by:
Sort by
Star Rating
Sort By:

    Scanners find millions of vulnerabilities in our customers' environments, overwhelming remediation efforts. NetSPI Resolve scales to these massive data needs to help lessen the vulnerability flood.

    Our SaaS Vulnerability Scanner accumulates the power of software discovery that runs against your Internet facing hosts and vulnerability intelligence. We use passive fingerprinting techniques to detect software and its version, running on a particular port, as well as supported functionality. This approach allows us to reliably detect and report critical vulnerabilities, misconfigured services or dangerous applications facing the Internet within your infrastructure. Furthermore, your systems will not suffer service disruptions during vulnerability scans as our passive fingerprinting techniques do not require usage of dangerous exploits. During the scan we will not trigger memory corruption, excessive resources consumption or assertion failures and still will be able to detect if your service is vulnerable to such threats.

    NNT’s Vulnerability Tracker™ is an enterprise-class vulnerability scanning solution that enables organizations to cost-effectively improve their IT posture by focusing your remediation guidance on the assets that pose the highest risk to your network. This solution is designed to be a distributed, fast and accurate vulnerability assessment tool that also identifies breaches of your corporate security policies and statutory regulations. Vulnerability Tracker™ identifies known vulnerabilities within software and configuration settings before they can be exploited by a cyber-attack. Vulnerability Tracker™ continuously tests and assesses your IT network and any device connected to it against 66,000 Network Vulnerability Tests (NVTs). New vulnerabilities are added daily through various content providers and industry trusted resources which include over 11,400 Common Vulnerabilities and Exposure (CVEs), Bugtraq alerts, aggregate compliance rulesets, controls for scan agents and embedded Nmap NSE test routines. NNT Vulnerability Tracker™ helps your organization maximize scanning efficiency with hyper fast scanning technology and fewer false positive. Vulnerability Tracker™ delivers class-leading accuracy, guaranteeing the lowest false positive per scan ratio in the vulnerability scanning market. Our hyper-fast scanning technology means your organization can assess over 50,000 endpoints per 24 hours.

    N-Stalker Web Application Security Scanner X is a web security assessment solution for web applications.

    Reveelium is a threat detection software that monitors user behavior and identifies anomalies that can lead to security breaches.

    Proactive VMware analytics product that helps you discover potential issues before they cause major outages or security incidents.

    SafeSAI provides a cloud-based security platform for our customers to conduct security assessments of their website application.

    Detect security flaws in your website or web application and avoid being hacked. HTTPCS Security puts Machine Learning at the service of your cyber security to protect your site against hacking and data leaks.

    SecurityMetrics Perimeter Scan's regularly updated scan engine identifies external network vulnerabilities so you can keep your data safe. Vulnerability scanning identifies top risks such as misconfigured firewalls, malware hazards, remote access vulnerabilities, and can be used for cyber security or compliance mandates like PCI DSS and HIPAA.

    SOCVue Vulnerability Management is a service that helps reduce attack surface by proactively identifying vulnerabilities across IT environment, prioritizing them based on business impact and risk, and providing remediation guidance to save significant time and reducing operational costs.

    Vega is a free and open source web security scanner and web security testing platform to test the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.

    The Network Vulnerability Scanning Service uses a self-developed vulnerability scanner to perform comprehensive security vulnerability scanning on specified target systems. The service relies on a powerful vulnerability database and 100,000+ vulnerability detection scripts to drill down into various security vulnerabilities. All kinds of scanning items are strictly tested by security experts, and timely follow up on the newly exposed security vulnerabilities on the network to ensure the accuracy and timeliness of scanning.

    Wapiti allows you to audit the security of your websites or web applications. It performs "black-box" scans (it does not study the source code) of the web application by crawling the webpages of the deployed webapp, looking for scripts and forms where it can inject data.

    A lightweight plugin agent that protects against the known attack vectors found in 2013 and 2017 OWASP Top Ten, SANS Top 25, Other common exploits

    WhiteHat Sentinel Dynamic is a software-as-a-service platform for dynamic application security testing (DAST).

    Zerocopter enables you to confidently leverage the skills of the world's most knowledgable ethical hackers to secure your applications.