I'm on the hunt for a good vulnerability scanner that won't break the bank. Recently, I checked out HostedScan, but they lack an enterprise feed for OpenVAS, which makes it less useful for scanning enterprise products. I'm curious to hear what you all are using. Are you going for self-hosted options, SaaS scanners, or perhaps OpenVAS with a paid feed? I'm looking for recommendations on what really works in your setups and what gives good value for the money.
5 Answers
Have you checked what your existing security software provider offers? Sometimes EDR or similar solutions will include vulnerability scanning in their packages. Also, ESET recently added scanning features with their AV offerings.
I've explored OpenVAS and Nessus too. OpenVAS can be good if you're okay managing it yourself, but many find Nessus easier to maintain since it offers more consistent feeds.
Nessus Pro is relatively inexpensive compared to other solutions, plus you get access to Tenable's research.
We've been using Nessus with Tenable, which has been solid for us. Just curious, what do you consider 'reasonably priced'? That might help pinpoint some better suggestions.
Wazuh is a free option, and while I've only used it for personal projects, it’s been adequate. We actually manage it for around 300 endpoints, but keep in mind it depends on how CVEs are reported. Sometimes, if CVEs are still being evaluated, Wazuh might miss those.
