Alternatives to KernelCare Enterprise
Compare KernelCare Enterprise alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to KernelCare Enterprise in 2025. Compare features, ratings, user reviews, pricing, and more from KernelCare Enterprise competitors and alternatives in order to make an informed decision for your business.
-
1
NinjaOne
NinjaOne
NinjaOne automates the hardest parts of IT, delivering visibility, security, and control over all endpoints for more than 20,000 customers. The NinjaOne automated endpoint management platform is proven to increase productivity, reduce security risk, and lower costs for IT teams and managed service providers. The company seamlessly integrates with a wide range of IT and security technologies. NinjaOne is obsessed with customer success and provides free and unlimited onboarding, training, and support. -
2
ManageEngine Endpoint Central
ManageEngine
ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the entire endpoint lifecycle, all from a single console. With automated patching across Windows, Mac, Linux and 1,000+ third-party applications, it ensures vulnerabilities are mitigated before attackers can exploit them. Its next-gen antivirus (NGAV) feature, powered by AI-driven behavioural detection, provides 24/7 protection against ransomware, malware, and zero-day threats. Endpoint Central further strengthens enterprise defenses with a broad set of security capabilities, including vulnerability assessment and mitigation, peripheral device control, data loss prevention, application control, endpoint privilege management, encryption with FileVault and BitLocker, and browser security. -
3
Wiz
Wiz
Wiz is a new approach to cloud security that finds the most critical risks and infiltration vectors with complete coverage across the full stack of multi-cloud environments. Find all lateral movement risks such as private keys used to access both development and production environments. Scan for vulnerable and unpatched operating systems, installed software, and code libraries in your workloads prioritized by risk. Get a complete and up-to-date inventory of all services and software in your cloud environments including the version and package. Identify all keys located on your workloads cross referenced with the privileges they have in your cloud environment. See which resources are publicly exposed to the internet based on a full analysis of your cloud network, even those behind multiple hops. Assess the configuration of cloud infrastructure, Kubernetes, and VM operating systems against your baselines and industry best practices. -
4
Action1
Action1
Action1 is an autonomous endpoint management platform trusted by many Fortune 500 companies. Cloud-native, infinitely scalable, highly secure, and configurable in 5 minutes—it just works and is always free for the first 200 endpoints, with no functional limits. By pioneering autonomous OS and third-party patching with peer-to-peer patch distribution and real-time vulnerability assessment without needing a VPN, it eliminates routine labor, preempts ransomware and security risks, and protects the digital employee experience. In 2025, Action1 was recognized by Inc. 5000 as the fastest-growing private software company in America. The company is founder-led by Alex Vovk and Mike Walters, American entrepreneurs who previously founded Netwrix, a multi-billion-dollar cybersecurity company. -
5
ESET Protect Advanced is a comprehensive cybersecurity solution designed for businesses of all sizes. It offers advanced endpoint protection against ransomware, zero-day threats, and sophisticated attacks with ESET LiveSense technology. It includes full disk encryption for legal compliance and data protection. The solution features proactive cloud-based threat defense using adaptive scanning, machine learning, cloud sandboxing, and behavioral analysis to prevent new threats. Mobile threat defense secures Android and iOS devices with anti-malware, anti-theft, and mobile device management. It also provides cloud app protection, mail server security, and vulnerability and patch management. Extended detection and response (XDR) enhances threat detection and response, while multi-factor authentication adds security. The solution offers single-pane-of-glass remote management for visibility into threats and users, along with advanced reporting and custom notifications.
-
6
Acronis Cyber Protect
Acronis
Managing cyber protection in a constantly evolving threat landscape is a challenge. Safeguard your data from any threat with Acronis Cyber Protect (includes all features of Acronis Cyber Backup) – the only cyber protection solution that natively integrates data protection and cybersecurity. - Eliminate gaps in your defenses with integrated backup and anti-ransomware technologies. - Safeguard every bit of data against new and evolving cyberthreats with advanced MI-based protection against malware. - Streamline endpoint protection with integrated and automated URL filtering, vulnerability assessments, patch management and moreStarting Price: $85 -
7
Heimdal® Endpoint Detection and Response is our proprietary multi-solution service providing unique prevention, threat-hunting, and remediation capabilities. It combines some of the most advanced threat-hunting technologies: - Next-Gen Antivirus - Privileged Access Management - Application Control - Ransomware Encryption Protection - Patch & Asset Management - Email Security - Remote Desktop - Threat Prevention ( DNS based ) - Threat Hunting & Action Center With 9 modules working together seamlessly under one convenient roof, all within one agent and one platform, Heimdal Endpoint Detection and Response grants you access to all the essential cybersecurity layers your business needs to protect itself against both known and unknown online and insider threats. Our state-of-the-art product empowers you to quickly and effortlessly respond to sophisticated malware with stunning accuracy, protecting your digital assets and your reputation in the process as well.Starting Price: $0/month
-
8
Vulcan Cyber
Vulcan Cyber
At Vulcan Cyber we’re changing the way businesses reduce cyber risk through vulnerability remediation orchestration. We help IT security teams go beyond remedial vulnerability management to help them drive vulnerability remediation outcomes. The Vulcan platform consolidates vulnerability and asset data, with threat intelligence and customizable risk parameters to deliver risk-based vulnerability prioritization insights. But we don't stop there. Vulcan remediation intelligence takes the vulnerabilities that matter to your business and attaches the remedies and fixes needed to mitigate the threat. Then Vulcan orchestrates and measures the rest of the remediation process with integrations and inputs into application security, DevSecOps, patch management, configuration management, and cloud security tools, teams and functions. From scan to fix, Vulcan Cyber delivers the unique ability to orchestrate the entire vulnerability remediation process to GET FIX DONE at scale.Starting Price: $999 / month -
9
Hexnode UEM
Mitsogo Inc
Hexnode, the enterprise software division of Mitsogo Inc., is a Unified Endpoint Management solution with cross-platform functionalities. Hexnode supports all major operating systems, including iOS, iPadOS, Android, Windows, macOS, tvOS, Linux, ChromeOS, visionOS, Apple TV, Android TV, and fireOS, and offers out-of-the-box enrollment methods. The entire device lifecycle, starting from enrollment to device retirement, can be monitored and managed from a unified console. Features such as automated device enrollment, geofencing, Remote Monitoring and Management, patch management, and a simple and intuitive UI makes it the perfect tool for device management. In addition, Hexnode offers a wealth of tools perfect for today's increasingly mobile, modern teams, which includes an intuitive dashboard for greater visibility and control over mobile devices across the enterprise, web filtering for security, location tracking, and so much more. -
10
SanerNow
SecPod Technologies
SecPod SanerNow is the world's best unified endpoint security & management platform that powers IT/Security Teams automate cyber hygiene practices. It works on an intelligent agent-server model to execute effective endpoint management and security. It gives you accurate vulnerability management with scanning, detection, assessment, prioritization, and remediation capabilities. SanerNow is available on both cloud and on-premise, whose integrated patch management automates patching across all major OSs like Windows, MAC, Linux, and a vast collection of 3rd party software patches. What makes it unique? You can now access other salient features like security compliance management, IT asset management, endpoint management, software deployment, application & device control, and endpoint threat detection and response, all on a single platform. With SanerNow, you can remotely perform and automate these tasks to secure your systems from the emerging wave of cyberattacks.Starting Price: $50/year/device -
11
Migrateq
Migrateq
Linux Pro provides professional services and 24/7 technical support for most Linux distributions and other Open Source software. - Break-fix, troubleshooting and analysis of issues - Migrations between various clouds and hardware - Installation, configuration, customization of software - Updates, upgrades, custom patches, migrations - Performance reporting and optimization - Security incident detection and remediation - Configuration management and automation for scaleStarting Price: $7/month/user -
12
Ivanti
Ivanti
Ivanti offers integrated IT management solutions designed to automate and secure technology across organizations. Their Unified Endpoint Management platform provides intuitive control from a single console to manage any device from any location. Ivanti’s Enterprise Service Management delivers actionable insights to streamline IT operations and improve employee experiences. The company also provides comprehensive network security and exposure management tools to protect assets and prioritize risks effectively. Trusted by over 34,000 customers worldwide, including Conair and City of Seattle, Ivanti supports secure, flexible work environments. Their solutions enable businesses to boost productivity while maintaining strong security and operational visibility. -
13
ManageEngine Vulnerability Manager Plus
ManageEngine
Enterprise vulnerability management software. Vulnerability Manager Plus is an integrated threat and vulnerability management software that delivers comprehensive vulnerability scanning, assessment, and remediation across all endpoints in your network from a centralized console. Scan and discover exposed areas of all your local and remote office endpoints as well as roaming devices. Leverage attacker-based analytics, and prioritize areas that are more likely to be exploited by an attacker. Mitigate the exploitation of security loopholes that exist in your network and prevent further loopholes from developing. Assess and prioritize vulnerabilities based on exploitability, severity, age, affected system count, as well as the availability of the fix. Download, test, and deploy patches automatically to Windows, Mac, Linux, and over 250 third-party applications with an integral patching module—at no additional cost.Starting Price: $695 per user per year -
14
A tidal wave of vulnerabilities, but you can’t fix them all. Rely on extensive threat intel and patented prioritization to cut costs, save time, and keep your teams efficiently focused on reducing the biggest risks to your business. This is Modern Risk-Based Vulnerability Management. We created Risk-Based Vulnerability Management software and now we’re defining the modern model. Show your security and IT teams which infrastructure vulnerabilities they should remediate, when. Our latest version reveals exploitability can be measured, and accurately measuring exploitability can help you minimize it. Cisco Vulnerability Management (formerly Kenna.VM) combines real-world threat and exploit intelligence and advanced data science to determine which vulnerabilities pose the highest risk and which you can deprioritize. Spoiler alert: Your mega-list of “critical vulnerabilities” will shrink faster than a woolen sweater-vest in a hot cycle.
-
15
OPSWAT MetaDefender
OPSWAT
MetaDefender layers an array of market-leading technologies to protect critical IT and OT environments and shrinks the overall attack surface by detecting and preventing sophisticated known and unknown file-borne threats like advanced evasive malware, zero-day attacks, APTs (advanced persistent threats), and more. MetaDefender easily integrates with existing cybersecurity solutions at every layer of your organization’s infrastructure. With flexible deployment options purpose-built for your specific use case, MetaDefender ensures files entering, being stored on, and exiting your environment are safe—from the plant floor to the cloud. This solution uses a range of technologies to help your organization develop a comprehensive threat prevention strategy. MetaDefender protects organizations from advanced cybersecurity threats in data that originates from a variety of sources, such as web, email, portable media devices, and endpoints.Starting Price: $0 -
16
ESET PROTECT Complete is a comprehensive cybersecurity solution designed to safeguard business endpoints, cloud applications, and email systems. It offers advanced protection against ransomware and zero-day threats through cloud-based sandboxing technology and machine learning-driven detection. It includes full disk encryption capabilities, aiding compliance with data protection regulations. ESET PROTECT Complete also provides robust security for mobile devices, file servers, and email servers, incorporating anti-malware, anti-phishing, and anti-spam measures. Its centralized, cloud-based management console allows for streamlined deployment, monitoring, and response to security incidents across the organization. Additional features include vulnerability and patch management, ensuring that software vulnerabilities are promptly identified and addressed.Starting Price: $287.72 one-time payment
-
17
Qualys VMDR
Qualys
The industry's most advanced, scalable and extensible solution for vulnerability management. Fully cloud-based, Qualys VMDR provides global visibility into where your IT assets are vulnerable and how to protect them. With VMDR 2.0, enterprises are empowered with visibility and insight into cyber risk exposure - making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business measure its true risk, and track risk reduction over time. Discover, assess, prioritize, and patch critical vulnerabilities and reduce cybersecurity risk in real time and across your global hybrid IT, OT, and IoT landscape. Quantify risk across vulnerabilities, assets, and groups of assets to help your organization proactively mitigate risk exposure and track risk reduction over time with Qualys TruRisk™ -
18
ESET PROTECT Elite
ESET
ESET PROTECT Elite is an enterprise-grade cybersecurity solution that integrates extended detection and response with comprehensive multilayered protection. It offers advanced threat defense using adaptive scanning, machine learning, cloud sandboxing, and behavioral analysis to prevent zero-day threats and ransomware. The platform includes modern endpoint protection for computers and smartphones, server security for real-time data protection, and mobile threat defense. It also features full disk encryption, helping organizations comply with data protection regulations. ESET PROTECT Elite provides robust email security, including anti-phishing, anti-malware, and anti-spam technologies, along with cloud app protection for Microsoft 365 and Google Workspace. Vulnerability and patch management capabilities allow for automatic tracking and patching of vulnerabilities across all endpoints.Starting Price: $275 one-time payment -
19
Automox
Automox
Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.Starting Price: $3.00 -
20
Seal Security
Seal Security
Redefine open source vulnerability and patch management with Seal Security. Easy integration directly into your existing SDLC, and workflows. Standalone security patches for immediate resolution of critical security issues. Predictable remediation and optimal resource allocation, with centralized control and reduced R&D dependency. Streamline your open source vulnerability remediation without introducing the risk of breaking changes. Say goodbye to alert fatigue and start patching with Seal Security. Pass every product security scan with confidence. Seal Security provides immediate remediation for open source vulnerabilities. By meeting your customers' SLAs and offering a vulnerability-free product, you can ensure customer trust and fortify your market standing. Seal Security seamlessly integrates with various coding languages, patch management systems, and open source platforms through powerful APIs and CLI.Starting Price: Free -
21
ManageEngine Patch Manager Plus
ManageEngine
Keep all your production businesses up to date by automating the entire patching process using Patch Manager Plus. Available as both cloud-based and on-premise software, Patch Manager Plus offers features that include scanning for and detecting missing patches, automated scheduled patch deployments, test and approve patches, patch tracking, patch compliance and reporting. Patch Manager Plus also enables users to provide detailed audit and compliance reports.Starting Price: $245 per year -
22
SAINTcloud
Carson & SAINT Corporations
The cost of defending your most critical technology resources and information rises every year. Increased threats and tight budgets challenge even the most robust risk-management program. Carson & SAINT developed SAINTcloud vulnerability management to provide all of the power and capability offered in our fully-integrated vulnerability management solution, SAINT Security Suite, without the need to implement and maintain on-premise infrastructure and software. This means you can spend more time reducing risks and less time managing the tools you use. No software to install – set up and running in minutes. Full vulnerability scanning, penetration testing, social engineering, configuration, compliance, and reporting in one product. Role-based access controls for separation of duties and accountability. Internal host and remote site scans from the cloud. -
23
NorthStar Navigator
NorthStar.io, Inc.
NorthStar is redefining Risk-Based Vulnerability Management with simple, contextual vulnerability prioritization for easier remediation. Common challenges NorthStar addresses are listed below: • Prioritize issues that should be addressed first in order to make the best use of limited resources. • Address lingering exposures that could impact critical business services, applications, and data stores. • Bridge the visibility gap and discrepancies that exist between vulnerability assessment and patch management. • Track reduction in risk over time and validate the most important issues are being addressed first. • Deliver a complete view of their environment – all assets, vulnerabilities and exposures. • Eliminate manual processes and unnecessary spreadsheet work.Starting Price: $8 per device -
24
Heimdal Patch & Asset Management
Heimdal®
Heimdal Patch & Asset Management is an automatic software updater and digital asset tracking solution that will automatically install updates based on your configured policies, without the need for manual input. As soon as 3rd party vendors release new patches, our technology silently deploys them to your endpoints, without the need for reboots or user interruption. In addition to this, Heimdal Patch & Asset Management allows your sysadmins to see any software assets in your inventory, alongside their version and number of installs. Users can also install software on their own, saving time and resources. Automating your patch management routine helps you save valuable time and resources. Heimdal Patch & Asset Management makes vulnerability and patch management cost-effective and time-efficient. -
25
CYRISMA
CYRISMA
CYRISMA is an all-in-one cyber risk management platform that enables you to discover, understand, mitigate, and manage risk in a holistic and cost-effective manner. Identify and mitigate network and endpoint vulnerabilities, discover and secure sensitive data across cloud and on-prem environments, strengthen OS configuration settings, track compliance, and generate cyber risk assessment reports in a few easy steps. Platform capabilities include (everything included in the price): -- Vulnerability and Patch Management -- Secure OS Configuration Scanning -- Sensitive data discovery; data protection (both on-prem cloud including Microsoft Office 365 and Google Workspace) -- Dark web monitoring -- Compliance Tracking (NIST CSF, CIS Critical Controls, SOC 2, PCI DSS, HIPAA, ACSC Essential Eight, NCSC Cyber Essentials) -- Active Directory Monitoring (both on-prem and Azure) -- Cyber risk quantification in multiple currencies -- Cyber risk assessment and reporting -
26
Tenable One
Tenable
Tenable One radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to isolate and eradicate priority cyber exposures from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. The world’s only AI-powered exposure management platform. See every asset across your entire attack surface—from cloud environments to operational technologies, infrastructure to containers, and remote workers to modern web-apps with Tenable's market-leading vulnerability management sensors. With more than 20 trillion aspects of threat, vulnerability, misconfiguration and asset information, Tenable’s machine-learning powered predictions reduce remediation efforts by enabling you to focus first on the risks that matter most. Drive improvements required to reduce the probability of a business-impacting cyber event from occurring by communicating objective measures of risk. -
27
baramundi Management Suite
baramundi Software USA
Modular, scalable and highly cost-effective Unified Endpoint Management system for comprehensive IT management, security and workflow automation. Modules work together via a single database in a single user interface. Select any of 18 available modules now and add others as needed for OS Install & Cloning, Patch Management, Vulnerability Management, MDM, Remote Control, Inventory, VM Management, SNMP Device Management, Application Control, Disaster Recovery, Personal Backup and more.Starting Price: $5000.00/one-time -
28
Frontline Vulnerability Manager is more than a just a network vulnerability scanner or vulnerability assessment. It's a proactive, risk-based vulnerability and threat management solution that is a vital part of any cyber risk management program. Its robust features set it apart from other VM solutions, providing vital security information in a centralized, easily understood format so you can protect your business-critical assets efficiently and effectively. More than ever, cyber attackers are looking for vulnerabilities they can exploit in a company’s network. So having a vulnerability management solution in place is critical. A vulnerability management program is far more than just a vulnerability assessment, vulnerability scanner, or patch management. The best vulnerability management solutions use an ongoing process that regularly identifies, evaluates, reports and prioritizes vulnerabilities in network systems and software.
-
29
SecurityBridge
SecurityBridge
SecurityBridge is a comprehensive cybersecurity platform built natively for SAP S/4HANA environments, delivering a full 360° view of SAP system security including vulnerability management, threat detection, user-activity monitoring, compliance automation, and incident response, all embedded directly in the SAP stack. The platform offers modular components such as privileged access management, interface-traffic monitoring, code-vulnerability analysis, patch-management, and a central security dashboard enabling real-time insights into policy violations, behavioral anomalies, and custom-code risk. With pre-built use cases and minimal configuration, SecurityBridge enables organizations to improve their SAP security posture quickly without additional infrastructure. Integration into broader SOC workflows is supported via SIEM/SOAR connectors so SAP security events can be correlated with enterprise-wide security telemetry. -
30
Strobes RBVM
Strobes Security
Strobes RBVM simplifies vulnerability management with its all-in-one platform, streamlining the process of identifying, prioritizing, and mitigating vulnerability risks across various attack vectors. Through seamless automation, integration, and comprehensive reporting, organizations can proactively enhance their cybersecurity posture. Integrate multiple security scanners, threat intel, & IT ops tools to aggregate thousands of vulnerabilities but only end up patching the most important ones by using our advanced prioritization techniques. Strobes Risk Based Vulnerability Management software goes beyond the capabilities of a standalone vulnerability scanner by aggregating from multiple sources, correlating with threat intel data and prioritising issues automatically. Being vendor agnostic we currently support 50+ vendors to give you an extensive view of your vulnerability landscape within Strobes itself.Starting Price: $999 -
31
Comodo Dragon Platform
Comodo
Our completely cloud-native framework delivers you zero day protection against undetectable threats while defending your endpoints from known threat signatures. Comodo introduced a new approach to endpoint protection, engineered to solve the issue of legacy security solutions. The Dragon platform delivers the foundation principles for complete next-generation endpoint protection. Easily improve your cybersecurity and performance with the Dragon Platform's lightweight agent delivering artificial intelligence (AI) and Auto Containment to stop all threats. Comodo delivers everything cybersecurity you ever needed to activate breach protection immediate value added from day one. 100% trusted verdict within 45 seconds on 92% of signatures via analysis, and 4 hours SLA on the remaining 8% via human experts. Automatic signature updates that simplifies deployment across your entire environment to lower operational costs. -
32
Trio
Trio Technology
From businesses to educational institutions, Trio breaks down conventional management methods and rebuilds them gapless, automated, and simply secure. As a one-of-a-kind mobile device management solution, Trio is here to not only meet your security and productivity expectations but to exceed them. Trio is a platform that not only manages devices but also takes care of vulnerability management, endpoint detection and response (EDR), compliance monitoring, and provides visibility into endpoints.Starting Price: $6.00/employee -
33
vRx
Vicarius
Consolidate your software vulnerability assessment with one single vRx agent. Let vRx do the work so you can focus on and remediate the threats that matter most. vRx's prioritization engine using CVSS framework bases prioritization, plus AI of the specific security posture of your organization, and maps your digital environment to help you prioritize critical vulnerabilities for mitigation. vRx maps the potential consequences of a successful exploit within your unique digital infrastructure. CVSS metrics and context-based AI mapping provide the data needed to prioritize and mitigate critical vulnerabilities. For each detected app, OS, or asset vulnerability, vRx provides recommended actions that help you eliminate potential risks and stay resilient.Starting Price: $5 per asset per month -
34
activeDEFENCE
activereach
From malware to advanced persistent threats (APT) to extortion & internal breaches, threats to your organisation’s infrastructure are unrelenting. Today’s businesses must consider smartphones, tablets, and consumerization of IT, combined with telecommuters, contractors, partners, and business-critical services hosted in the cloud. Security is more important than ever—and far more complex. To defend your information and systems, you need an adaptable, multi-layered defensive strategy that encompasses all the components of your IT environment, from the network to the perimeter, data, applications and endpoints, minimising and managing the weak points and vulnerabilities that expose your organisation to risk. activereach’s end-to-end portfolio of network security solutions can protect your business from advancing threats, enhance network performance, and optimise operational efficiencies. -
35
Ivanti Neurons for RBVM
Ivanti
Ivanti Neurons for RBVM is a risk-based vulnerability management platform designed to help organizations prioritize and remediate cybersecurity risks efficiently. It continuously correlates vulnerability data, threat intelligence, and business asset criticality to provide a contextualized view of risk. The platform automates remediation workflows, including SLA management and real-time alerts, to accelerate vulnerability closure. Role-based access controls and customizable dashboards foster collaboration across security teams from SOC to C-suite. Ivanti’s proprietary Vulnerability Risk Rating (VRR) prioritizes vulnerabilities based on real-world threat context rather than severity alone. This enables security teams to focus on the most critical risks and reduce exposure to ransomware and other cyber threats. -
36
KACE by Quest
Quest Software
KACE® by Quest supports your unified endpoint management (UEM) strategy by helping you discover and track every device in your environment, automate administrative tasks, keep compliance requirements up-to-date and secure your network from a range of cyberthreats. Discover, manage and secure all your endpoints from one console as you co-manage your traditional and modern endpoints, including Windows, Mac, Linux, ChromeOS, and iOS and Android devices. KACE is a Unified Endpoint Management solution that offers a single point of control for managing IT systems across the entire organization, inside or outside your network. This comprehensive solution takes the stress out of keeping devices secure and compliant so you can do more.Starting Price: As low as $3/mo/device -
37
Nexpose
Rapid7
Vulnerability management software to help you act at the moment of impact Vulnerabilities pop up every day. You need constant intelligence to discover them, locate them, prioritize them for your business, and confirm your exposure has been reduced. Nexpose, Rapid7’s on-premises option for vulnerability management software, monitors exposures in real-time and adapts to new threats with fresh data, ensuring you can always act at the moment of impact. If you’re looking for more advanced capabilities such as Remediation Workflow and Rapid7's universal Insight Agent, check out our platform-based vulnerability management software, InsightVM. How stale is your data? A few days? A few weeks? With Nexpose, you’ll never act on intel older than a few seconds. Our vulnerability management software collects data in real-time, giving you a live view of your constantly shifting network. -
38
AttackTree
Isograph
Model system vulnerability, identify weakspots and improve security using threat analysis and attack trees. Construct graphical representations of measures designed to reduce the consequences of a successful attack with mitigation trees. AttackTree allows users to define consequences and attach them to any gate within the attack tree. In this way, it is possible to model the consequences of successful attacks on the target system. Mitigation trees may be used to model the effects of mitigating measures on the consequences resulting from a successful attack. Our software has been in continuous development since the 1980s and is the recognized standard for safety and reliability professionals. Analyze threats according to standards such as ISO 26262, ISO/SAE 21434 and J3061. Identify where your system is vulnerable to an attack. Improve the security of your assets and IT systems. Model consequence mitigation. -
39
Wabbi
Wabbi
Automatically assign security policies based on project attributes and your risk profile for each application, version, environment, and asset. Then, translate those policies into orchestrated workflows from ticket creation to scheduled scans, approvals and controls – all from one platform. Manage and orchestrate the full lifecycle of vulnerabilities from triggering scans proactively based on SDLC events and schedules, or reactively in response to security events to correlating and consolidating, rescoring based on application risk, and monitoring fix SLAs to ensure no vulnerability falls in the cracks. End-to-end management of the complete application security program as an integrated part of the SDLC ensures continuous security compliance, prioritization, and analysis throughout the lifecycle of the application as your single control point to reduce friction, scale AppSec and improve secure code quality.Starting Price: $8 per user per month -
40
Patches are software and operating system updates that address security vulnerabilities within an application. Software vendors constantly release patches to fix vulnerabilities and provide enhanced security features. Patching can be complex and time-consuming, but ignoring software updates isn’t an option. If patches are not installed in a timely manner, networks can be severely compromised. Patch Management solves these issues by making it easy to identify and deploy critical patches and monitor ongoing activity from a central cloud management console. Schedule automatic patch scans. Select from daily, weekly, or monthly options. Patches will be deployed automatically for all software applications. You can easily exclude any application that you don’t want to be patched. Easily see the status of all your patches, including missing patches and severity level. Schedule and deploy approved patches at desired times or manually deploy them to groups or individual devices.Starting Price: $15.49 per year
-
41
Adaptiva OneSite Patch
Adaptiva
OneSite Patch's automation capabilities revolutionize how businesses manage and deploy software updates, significantly reducing manual workload and minimizing the risk of human error. By streamlining the patch deployment process, companies can ensure their systems are always up to date with the latest security measures, enhancing overall cybersecurity posture with unparalleled efficiency. Rapidly remediate vulnerabilities with hands-free, fully automated patch management. Reduce manual workloads and intelligently automate even the most complex enterprise patching processes. IT and security teams can precisely mirror their desired patching rules, including phased deployments, approvals, testing, and notifications, then OneSite Patch takes care of the rest every time a new patch is available. IT and security teams can precisely mirror their desired patching strategies once, then automation takes care of the rest. When a new patch is available, it can be deployed without any intervention. -
42
BMC Helix Remediate
BMC Software
Automated security vulnerability management for 14X faster remediation. BMC Helix Remediate uses advanced analytics and automation to quickly fix security vulnerabilities and manage compliance of on-premises and cloud infrastructure. Strengthen security, ensure compliance, improve productivity, and lower costs. Imports and analyzes data from vulnerability scanners, maps vulnerabilities to assets and patches, sets priorities, and automates corrective action. Provides real-time visibility into security vulnerabilities, missing patches, and misconfigured resources. Uses simplified patching for rapid remediation of security vulnerabilities both on premises and in the cloud. Leverages automation to ensure compliance with external regulations and internal organizational policies. Automates configuration testing and remediation for resources on AWS, Azure, and GCP to ensure cloud services and containers are managed consistently and securely. -
43
Patchdeck
Patchdeck
Patchdeck is a cloud-based patch management solution for Windows, Linux and Mac. With Patchdeck IT professionals can quickly see which systems are missing patches and remediate vulnerabilities with one click. Patch policies allow to configure a fully automated patch process and reports show the patching health of an environment developing over time. Patchdeck provides advanced access control features so that IT teams can work together to keep their environment fully patched. Alerting via email or integrations and an API allows integrating Patchdeck into other security or management tools.Starting Price: $1 per month per endpoint -
44
Cloudaware
Cloudaware
Cloudaware is a cloud management platform with such modules as CMDB, Change Management, Cost Management, Compliance Engine, Vulnerability Scanning, Intrusion Detection, Patching, Log Management, and Backup. Cloudaware is designed for enterprises that deploy workloads across multiple cloud providers and on-premises. Cloudaware integrates out-of-the-box with ServiceNow, New Relic, JIRA, Chef, Puppet, Ansible, and over 50 other products. Customers deploy Cloudaware to streamline their cloud-agnostic IT management processes, spending, compliance and security.Starting Price: $0.008/CI/month -
45
Syxsense Secure
Syxsense
Syxsense Secure is world’s first IT management and security solution that combines vulnerability scanning, patch management, and EDR capabilities in a single cloud console. With insight into the health of every endpoint across your network, you get the peace of mind that comes from predicting, preventing, and eliminating threats in real time. Make exposed risk and attack vectors a thing of the past. -
46
Patch My PC
Patch My PC
Save more time than you ever thought possible and improve security by automating the patching of third-party applications in Microsoft ConfigMgr and Intune. Extend beyond patching, auto-create applications for the initial deployment of products in Microsoft SCCM and Intune. Including icons, keywords, descriptions, and much more! We'll keep the base installs up to date automatically — no need to deploy outdated apps and wait for the updates to apply after the fact. Use existing installation methods within SCCM including task sequences and collection deployments for the initial installation of products. Add your own custom pre/post-update scripts to perform environment-specific configurations when needed. Disable the self-update feature within applications to ensure you can manage when and how updates apply in your enterprise.Starting Price: $2 per device per year -
47
JetPatch
JetPatch
Powerful features that give you complete visibility and control of patch compliance across all environments. Eliminate patching blind spots and get a comprehensive patch compliance report. View and analyze the entire patch remediation process in a single, easy-to-understand dashboard. Ensure your systems are always up-to-date. Streamline patch and vulnerability remediation across infrastructure and company silos, saving time, preventing errors and reducing time-to-remediation. JetPatch analyzes and learns the root causes of remediation delays and automatically corrects them. Shorten scheduled downtime windows by creating a more efficient process (more patches in the same DT window). Increases security because patches are done quicker. -
48
Waratek
Waratek
Integrate seamless security into the software delivery lifecycle to improve efficiency and agility. Ensure security policies are flexible, human readable, and not impacted by technical debt. Deploy applications securely across on-premises, hybrid, or cloud infrastructures. Automate systems' adherence to desired security behavior to minimize delays & fire drills. Execute the security of your apps in the runtime with a performance impact of less than 3% in production. We see agent-less solutions as a major disadvantage for highly regulated organizations that have tight security requirements. This is why Waratek leverages an agent to ensure its autonomous behavior that can secure unknown threats for themselves unlike agent-less models. Virtually upgrade apps and dependencies like Log4j without code changes, vendor patches, or downtime. -
49
AWS Systems Manager
Amazon
AWS Systems Manager is a comprehensive solution that enables centralized visualization, management, and operation of nodes at scale across AWS, on-premises, and multi-cloud environments. It provides a unified console experience, consolidating various tools to facilitate common node tasks across AWS accounts and regions. With Systems Manager, you can automate routine operational tasks, reducing the time and effort required for system maintenance. It offers secure remote management of nodes without the need for bastion hosts, SSH, or remote PowerShell, simplifying operations and enhancing security. The platform also supports automated patching of operating systems and software, ensuring that your infrastructure remains up-to-date and compliant. Additionally, Systems Manager provides real-time insights into your node infrastructure, allowing for quick identification and resolution of issues. Its integration capabilities extend across hybrid and multi-cloud environments. -
50
ConfigOS
SteelCloud
ConfigOS is currently implemented in classified and unclassified environments, tactical and weapon system programs, disconnected labs, and the commercial cloud. ConfigOS is client-less technology, requiring no software agents. ConfigOS scans endpoint systems and remediates hundreds of STIG controls in under 90 seconds. Automated remediation rollback as well as comprehensive compliance reporting and STIG Viewer Checklist output are provided. ConfigOS was designed to harden every CAT 1/2/3 STIG control around an application baseline in about 60 minutes - typically eliminating weeks or months from the RMF accreditation timeline. ConfigOS addresses Microsoft Windows workstation and server operating systems, SQL Server, IIS, IE, Chrome, and all of the Microsoft Office components. The same instance of ConfigOS addresses Red Hat 5/6/7, SUSE, Ubuntu, and Oracle Linux. ConfigOS content includes over 10,000 STIG and CIS controls. New functionality in Command Center includes a patent-pend