Alternatives to Scuba Database Vulnerability Scanner
Compare Scuba Database Vulnerability Scanner alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Scuba Database Vulnerability Scanner in 2026. Compare features, ratings, user reviews, pricing, and more from Scuba Database Vulnerability Scanner competitors and alternatives in order to make an informed decision for your business.
-
1
Windocks
Windocks
Windocks is a leader in cloud native database DevOps, recognized by Gartner as a Cool Vendor, and as an innovator by Bloor research in Test Data Management. Novartis, DriveTime, American Family Insurance, and other enterprises rely on Windocks for on-demand database environments for development, testing, and DevOps. Windocks software is easily downloaded for evaluation on standard Linux and Windows servers, for use on-premises or cloud, and for data delivery of SQL Server, Oracle, PostgreSQL, and MySQL to Docker containers or conventional database instances. Windocks database orchestration allows for code-free end to end automated delivery. This includes masking, synthetic data, Git operations and access controls, as well as secrets management. Windocks can be installed on standard Linux or Windows servers in minutes. It can also run on any public cloud infrastructure or on-premise infrastructure. One VM can host up 50 concurrent database environments. -
2
ScaleGrid
ScaleGrid
ScaleGrid is a fully managed Database-as-a-Service (DBaaS) platform that helps you automate your time-consuming database administration tasks both in the cloud and on-premises. Easily provision, monitor, backup and scale your open source databases with high availability, advanced security, full superuser and SSH access, query analysis, and troubleshooting support to improve the performance of your deployments. Supported databases include: - MySQL - PostgreSQL - Redis™ - MongoDB® database - Greenplum™ (coming soon) The ScaleGrid platform supports both public and private clouds, including AWS, Azure, Google Cloud Platform (GCP), DigitalOcean, Linode, Oracle Cloud Infrastructure (OCI), VMware and OpenStack. Used by thousands of developers, startups, and enterprise customers including Atlassian, Meteor, and Accenture, ScaleGrid handles all your database operations at any scale so you can focus on your application performance.Starting Price: $8 per month -
3
SaltStack
SaltStack
SaltStack is an intelligent IT automation platform that can manage, secure, and optimize any infrastructure—on-prem, in the cloud, or at the edge. It’s built on a unique and powerful event-driven automation engine that detects events in any system and reacts intelligently to them, making it an extremely effective solution for managing large, complex environments. With the newly launched SecOps offering, SaltStack can detect security vulnerabilities and non-compliant, mis-configured systems. As soon as an issue is detected, this powerful automation helps you and your team remediate it, keeping your infrastructure securely configured, compliant, and up-to-date. The SecOps suite includes both Comply and Protect. Comply scans and remediates against CIS, DISA-STIG, NIST, PCI, HIPAA compliance standards. And Protect scans for vulnerabilities and patches and updates your operating systems. -
4
Omega DB Security Reporter
DATAPLUS
Omega DB Security Reporter is a security auditing, software-only, and out-of-box solution for Oracle databases. It implements quick reporting, visualization and documentation of the security posture of the Oracle database and addresses the internal and external security compliance requirements. Omega DB Security Reporter provides detailed, integrated, categorized and evaluated assessment of the Oracle Database, enabling the security personnel to dispense with this complex task in a few minutes. Omega DB Security Reporter enables assessment, reporting, visualization and documentation of the security posture of your Oracle database on the following security areas of top importance: Privileges: for system, objects, and roles Audits: on system privileges, user statements, audited system actions, object privileges and operations audits Others: User password profile resources Initialization (security) parametersStarting Price: $899 USD -
5
IBM Guardium Vulnerability Assessment scans data infrastructures (databases, data warehouses and big data environments) to detect vulnerabilities and suggest remedial actions. The solution identifies exposures such as missing patches, weak passwords, unauthorized changes and misconfigured privileges. Full reports are provided as well as suggestions to address all vulnerabilities. Guardium Vulnerability Assessment detects behavioral vulnerabilities such as account sharing, excessive administrative logins and unusual after-hours activity. It identifies threats and security gaps in databases that could be exploited by hackers. Discover and classify sensitive data in heterogeneous environments. View detailed reporting on entitlements and risky configurations. Automate compliance audits and exception management.
-
6
DBArtisan
IDERA
Proactively manage all major DBMSs (SQL Server, Azure SQL Database, Oracle Database, Sybase ASE and IQ, Db2 LUW and z/OS, Redshift, MySQL, PostgreSQL, and Greenplum) from a single common interface. Reduce training requirements and streamline collaboration among different teams across the organization. Manage multiple Oracle-specific schema object types and SQL Server advanced object properties such as temporal tables, in-memory tables, and natively compiled triggers, procedures and functions. Comprehensive tools help you manage space, data and performance to keep your databases optimized and available. Manage the performance of your databases with a built-in process monitor that helps you understand who is connected to your database along with each user's current activity and session-related data. Sophisticated diagnostics help you pinpoint performance inefficiencies that result in poor space management, tracking key database metadata and performance metrics over time. -
7
SecurityMetrics Perimeter Scan
SecurityMetrics
Comprehensive Vulnerability Assessment Scan For Network Security. Vulnerability scans and network scans find top cybersecurity risks such as misconfigured firewalls, malware hazards, remote access vulnerabilities, and can be used for cyber security or compliance mandates like PCI Compliance (PCI DSS) and HIPAA. Add and remove your own targets through your Perimeter Scan Portal. You can mass upload scan targets and groups. You can group and label scan targets to make it easier to manage by location, network type, or unique circumstances at your organization. Run port scans on your most sensitive targets more frequently, test in scope PCI targets quarterly, or test designated IPs after changes to your network with simplicity. Vulnerability scanning reports list the target, vulnerability type, service (e.g., https, MySQL, etc.), and the severity of each vulnerability (low, medium, high).Starting Price: $99.00/one-time -
8
ManageEngine Vulnerability Manager Plus
ManageEngine
Enterprise vulnerability management software. Vulnerability Manager Plus is an integrated threat and vulnerability management software that delivers comprehensive vulnerability scanning, assessment, and remediation across all endpoints in your network from a centralized console. Scan and discover exposed areas of all your local and remote office endpoints as well as roaming devices. Leverage attacker-based analytics, and prioritize areas that are more likely to be exploited by an attacker. Mitigate the exploitation of security loopholes that exist in your network and prevent further loopholes from developing. Assess and prioritize vulnerabilities based on exploitability, severity, age, affected system count, as well as the availability of the fix. Download, test, and deploy patches automatically to Windows, Mac, Linux, and over 250 third-party applications with an integral patching module—at no additional cost.Starting Price: $695 per user per year -
9
Sonatype Vulnerability Scanner
Sonatype
Sonatype’s Vulnerability Scanner is a tool designed to help developers identify security risks and compliance issues in their open-source components. It provides users with a comprehensive Software Bill of Materials (SBOM), which lists all open-source dependencies and highlights vulnerabilities and license risks. The platform offers real-time scanning and actionable insights, allowing teams to assess the severity of risks and implement fixes swiftly. With automated scans and detailed reports, Sonatype’s Vulnerability Scanner helps organizations secure their applications, manage third-party dependencies, and maintain compliance across their software environments. -
10
PatrOwl
PatrOwl.io
PatrowlHears supports your vulnerability watch process for your internal IT assets (OS, middleware, application, Web CMS, Java/.Net/Node library, network devices, IoT). Vulnerabilities and related exploitation notes at put at your disposal. Scan continuously websites, public IP, domains and subdomains for vulnerabilities, misconfigurations. Perform the reconnaissance steps, including the asset discovery and the full-stack vulnerability assessment and the remediation checks. Automation of static code analysis, external resources assessment and web application vulnerability scans. Access a comprehensive and continuously updated vulnerability database scored and enriched with exploit and threat news information. Metadata are collected and qualified by security experts from public OSINT and private feeds.Starting Price: €49 per month -
11
Trustwave DbProtect
Trustwave
A highly scalable database security platform that enables organizations to secure their relational databases and big data stores, both on premises and in the cloud, with a distributed architecture and enterprise-level analytics. Databases contain sensitive and proprietary information, making them a prized target for cybercriminals who are constantly looking for ways to access valuable data for large financial payoffs. Trustwave DbProtect helps your business overcome resource limitations to uncover database configuration errors, access control issues, missing patches, and other weaknesses that could lead to data leakage and misuse and other serious repercussions. A real-time view of database assets, vulnerabilities, risk levels, user privileges, anomalies and incidents via a single intuitive dashboard. The ability to detect, alert and take corrective action against suspicious activities, intrusions and policy violations. -
12
Trellix Database Security
Trellix
Trellix Database Security finds and protects sensitive information in databases from accidental leakage and intentional exposure while maintaining security, optimizing performance, and managing access. Discover sensitive and proprietary information in databases across the environment. Improve regulatory compliance by blocking unauthorized access to sensitive data. Address vulnerabilities quickly, with little to no downtime. Monitor, log, and control database access, in addition to identifying and blocking potential threats before they can damage the environment. Perform automated scans to find supported databases and the sensitive data they contain. Identify and prioritize known vulnerabilities, and receive detailed remediation advice. Protect databases from known and unknown vulnerabilities without downtime. Stop intrusions and other exploits before they impact your environment. -
13
Oracle Data Safe
Oracle
Data Safe is a unified control center for your Oracle Databases which helps you understand the sensitivity of your data, evaluate risks to data, mask sensitive data, implement and monitor security controls, assess user security, monitor user activity, and address data security compliance requirements. Whether you’re using Oracle Autonomous Database. Oracle Database Cloud Service (exadata, virtual machine, or bare metal), or Oracle Databases on-premises in your own data center, Data Safe delivers essential data security capabilities that help you reduce risk and improve security. Assess user risk by highlighting critical users, roles and privileges. Configure audit policies and collect user activity to identify unusual behavior. Discover sensitive data and understand where it is located. Remove risk from non-production data sets by masking sensitive data. -
14
BladeLogic Database Automation
BMC Software
BladeLogic Database Automation is a multi-platform database automation solution that enables database administrators to deploy, patch, upgrade and maintain databases in 1/10th the normal provisioning time. Thus, administrators get more time to support the rollouts of new apps. In today’s digital economy, innovative applications depend on fast-performing databases. Skilled database administrators spend a majority of their time ensuring the existing environments are well maintained, compliant, and secure. Security threats seek vulnerabilities at the database level, which put more pressure on IT to keep current on patches and compliance policies. This gives IT little time to optimize database configurations and queries or push out new features for application releases. -
15
Delinea’s Database Access Controller enables enterprises to adopt modern cloud databases from AWS, Google, Azure, Oracle, Redis, and others while still enforcing appropriate access levels, multi-factor authentication, complete reporting, and auditing workflows. Proxy connections through a centralized portal and restrict direct database access. Protect databases with layered authentication, authorization, and granular role-based access controls. Provides time-based access, auditable logs, and reports to generate alerts and notifications. Gain granular access control to databases, such as Oracle, MySQL, PostgreSQL, MariaDB, MongoDB, Redis, AWS RDS, and Google DB, whether on-premise or in the cloud. See who is accessing databases and govern their database access using capabilities such as multi-factor authentication (MFA) and logging activities for tighter database security. Secure database access to protect your most valuable information.
-
16
ScanFactory
ScanFactory
ScanFactory is an Attack Surface Management & Continuous Automated Vulnerability Assessment Platform that provides realtime security monitoring across all external assets of a company by enumerating & scanning its entire network infrastructure utilizing 15+ most trusted community-backed security tools & extensive database of exploits. Its vulnerability scanner stealthily performs a deep & continuous reconnaissance to map your entire external attack surface & are extended with handpicked top-rated premium plugins, custom wordlists & plethora of vulnerability signatures. Its dashboard can be used to discover & review all vulnerabilities sorted by CVSS & has enough information to understand, replicate & remediate the issue. It also has capability to export alerts to Jira, TeamCity, Slack & WhatsApp.Starting Price: $50 -
17
Indusface WAS
Indusface
Get the most comprehensive application security audit done today. Indusface WAS with its automated scans & manual pen-testing ensures none of the OWASP Top10, business logic vulnerabilities and malware go unnoticed. With zero false positive guarantee and comprehensive report with remediation guidance, Indusface web app scanning ensures developers quickly fixes vulnerabilities. The proprietary scanner built ground up, keeping js framework driven, single page applications in mind to provide complete & intelligent crawling. With latest threat intelligence, get extensive web app scanning for vulnerabilities, and malware. Support on a functional understanding of logical flaws for an in-depth security audit.Starting Price: $49 per month -
18
Edgescan
Edgescan
Validated web application vulnerability scanning on-demand when you want it, and scheduled as often as you need. Validation and rating of risk, trending and metrics on a continuous basis, all available via our rich dashboard for superior security intelligence. You can use the vulnerability scanning and validation service as much as you like, Retest on demand. Edgescan can also alert you if a new vulnerability is discovered via SMS/email/Slack or Webhook. Server Vulnerability Assessment (Scanning and Validation) covering over 80,000 tests. Designed to help ensure your deployment be it in the cloud or on premise is secure and configured securely. All vulnerabilities are validated and risk rated by experts and available via the dashboard to track and report on when required. Edgescan is a certified ASV (Approved Scanning Vendor) and exceeds requirements of the PCI DSS by providing continuous, verified vulnerability assessments. -
19
Hacker Target
Hacker Target
Simplify the security assessment process with hosted vulnerability scanners. From attack surface discovery to vulnerability identification, actionable network intelligence for IT & security operations. Proactively hunt for security weakness. Pivot from attack surface discovery to vulnerability identification. Find security holes with trusted open source tools. Get access to tools used by penetration testers and security professionals around the world. Hunt vulnerabilities from the attackers perspective. Simulating real world security events, testing vulnerabilities and incident response. Discover the attack surface with tools and open source intelligence. Protect your network with improved visibility. Over 1 million scans performed last year. Our vulnerability scanners have been launching packets since 2007. Fixing security issues requires you find them. Identify the issue, re-mediate the risk and test again to be sure.Starting Price: $10 per month -
20
DBHawk
Datasparc
Using DBHawk, our customers were able to comply with GDPR, HIPAA, SOX, GLBA, and other regulations and were able to implement SOD. Self-Service BI & Ad-Hoc Reporting Tool with feature to define Data Access Policy, Connect to multiple Data sources, Build Powerful SQL Charts and data Dashboards. DBHawk SQL editor is an advanced editor that allows users to build, edit, and run database queries with a web-based interface. DBHawk Query Builder is supported with all major databases such as Oracle, Microsoft SQL Server, PostgreSQL, Greenplum, MySQL, DB2, Amazon Redshift, Hive, Amazon Athena. Database SQL tasks and batch job automation with a web-based centralized tool. Secure access to SQL, NoSQL and Cloud databases with our all-in-one data platform. Trusted by our customers to protect and access their data. Centralized Security, Auditing and insights about your user’s activities.Starting Price: $99.00/month/user -
21
PDQ Detect
PDQ
Avoid wasting time on vulnerabilities that will never meaningfully impact your organization. PDQ Detect helps you secure your Windows, Apple, and Linux devices by prioritizing the highest risk vulnerabilities. Cut through the noise and get your continuous remediation plan rolling with: 1. Full attack surface visibility — Scan all on-prem, remote, and internet-facing assets to gain full visibility of your attack surface in real time. 2. Consumable, contextual risk prioritization — PDQ Detect leverages machine learning to identify vulnerabilities that are currently exploitable in your specific environment. 3. Effective remediation & reporting — Get clear remediation steps, prioritized by impact and exploitability. Utilize automated or custom reports.Starting Price: $18/device -
22
Cloudxray
Cloudnosys
CloudXray is a cloud workload scanning solution that operates in two deployment modes; basic for misconfiguration detection and advanced for full malware, OS vulnerability, and misconfiguration scanning. The architecture consists of an orchestrator deployed in a single region and distributed scanners covering all discovered regions, making it fully compatible with both AWS and GCP environments. It uses an agentless approach to inspect workloads and volumes across your cloud account for malware, CVEs, and policy deviations. The solution provisions scanning instances on demand, integrates via roles and APIs, and provides continuous coverage of cloud resources without requiring persistent agents. CloudXray supports rapid deployment and is optimized for scalable, multi-region cloud workloads. It is designed to help organizations maintain a secure posture across compute instances, storage volumes, and OS layers by combining configuration assessment, vulnerability detection, and more. -
23
Hakware Archangel
Hakware
Hakware Archangel is an Artificial Intelligence based vulnerability scanner and pentesting tool. Archangel scanner enables organizations to monitor their networks, systems, and applications for security vulnerabilities with advanced Artificial intelligence continuously testing your environment. Why use Archangel? -Identify vulnerabilities before cyber criminals do -Our vulnerability scanning mitigates the risks of a data breach, which will come with a range of costs, including remediation, the loss of customers as a result of reputational damage and fines -Vulnerability scanning is not explicitly required by the GDPR (General Data Protection Regulation) or POPI (Protection Of Personal Information Act), but the -Regulation does require organisations that process personal data to ensure that they have implemented appropriate technical and organisational security measures – which includes identifying vulnerabilities -The international standard for information security, ISO 27001Starting Price: $100 -
24
AppDetectivePRO
Trustwave
A database and big data scanner that identifies configuration mistakes, identification and access control issues, missing patches, and any toxic combination of settings that could lead to bad outcomes like data loss and DDoS attacks. Databases are critical repositories of customer information and intellectual property, making them enticing targets for cybercriminals. Trustwave AppDetectivePRO allows your business to discover, assess and report in minutes on the security, risk or compliance posture of any database or big data store within your environment – on premises or in the cloud. AppDetectivePRO is a database and big data scanner that identifies configuration mistakes, identification and access control issues, missing patches, and any toxic combination of settings that could lead to escalation of privilege attacks, data leakage, denial-of-service (DoS), or the unauthorized modification of data held within data stores. -
25
Alibaba Cloud Security Scanner
Alibaba
Cloud Security Scanner utilizes data, white hat penetration testing, and machine learning to provide an all-in-one security solution for domains and other online assets. CSS detects web vulnerabilities, illicit content, website defacement, and backdoors to prevent possible financial loss caused by damage to your brand reputation. Cloud Security Scanner comprehensively detects any risks to your website and online assets, such as web vulnerabilities, weak passwords, website defacement, and Trojan attacks. The system scans all source code, text, and images for vulnerabilities. Developed through penetration testing, WTI has built-in multi-layer verification rules to ensure high accuracy of vulnerability detection. The system uses comprehensive decision making and model-based analysis, to provide accurate detection of content risks. Submit any questions about the scanning results to our team of experts. -
26
Mageni
Mageni Security
Mageni provides a free vulnerability scanning and management platform which helps you need to find, prioritize, remediate and manage the vulnerabilities. Mageni has everything you need to scan and manage your vulnerabilities. Perform unlimited scans for unlimited assets without restrictions or hidden costs. The scanner detects is compliant with CVE and CVSS. Use smart and powerful dashboards to manage the vulnerabilities of your assets. Configure easily the scans to run in the window of time of your preference.Starting Price: $39 per month -
27
Vulkyrie
Vulkyrie
More than 100,000 vulnerabilities were reported for commonly used software over the last five years. In 2019 alone, more than 22,000 were reported and 1 out of 3 was given a High or Critical severity rating. Our free vulnerability scanning can help find your security issues before the bad guys do. Our Free plan comes with no limits on the number of IP addresses and URLs, and no limits on the number of vulnerability scans you can run. Unlike free trials, free versions or community editions of other vulnerability assessment tools, you no longer have to choose between your web servers, Windows servers, network devices or virtual machines. Take the first step towards better vulnerability management without the complexity and steep learning curve. Our web-based solution provides you with an easy-to-use interface to manage your security testing. Simply add your IP address or URL to start a scan and use our portal to get the issues and recommended security measures.Starting Price: $99 per month -
28
Rocket z/Assure VAP
Rocket Software
Rocket z/Assure Vulnerability Analysis Program (VAP) is a specialized mainframe security solution that scans and analyzes vulnerabilities in IBM z/OS operating system code to help organizations identify, assess, track, and mitigate security risks that could expose critical data. Unlike traditional vulnerability tools that focus on application layers, z/Assure VAP conducts thorough and precise binary code scanning at the OS level to detect zero-day and integrity-based vulnerabilities without relying on signature files, using an Interactive Application Security Testing (IAST)-style approach to pinpoint real weaknesses and guide developers to the exact code requiring remediation. It generates detailed vulnerability disclosure reports that provide actionable insights and clear paths to fix issues, enabling teams to prioritize risk, strengthen defenses, and make mainframe vulnerability management a repeatable part of IT security and compliance programs. -
29
SiteLock
SiteLock
We secure websites by automatically finding and fixing threats. Automatically protect your website, reputation, and visitors against cyberthreats. Comprehensive website security software protects your website from malicious cyber threats. This includes the protection of your site code and web applications. Depending on your website security package, you’ll receive daily website scans, automated malware removal, and vulnerability/CMS patching, as well as a web application firewall to block harmful traffic before it ever reaches your site. Our website security scan instantly checks your website from malware, viruses and other cyber threats and alerts you to found issues. Detect and automatically remove malicious content from your website, creating a safe experience for your customers. Easily check for website vulnerabilities in your CMS with our vulnerability scanner before they are exploited. -
30
Panoptic Scans
Panoptic Scans
Panoptic Scans is a vulnerability scanning software offering automated security assessments for applications and networks. Leveraging OpenVAS, ZAP, Nuclei, and Nmap, it identifies security issues and scans for OWASP Top 10 vulnerabilities, delivering detailed reports for easy remediation. The Attack Narratives feature illustrates how weaknesses can be exploited in combination by attackers. Scheduled scanning ensures consistent monitoring without manual effort, while OpenVAS and ZAP provide thorough network and application security testing. The platform includes a user-friendly interface, email notifications, and fully managed scanners, removing server maintenance concerns. It supports white-label reporting and ensures reliable performance through its managed infrastructure.Starting Price: $25/month -
31
Zenmap
Zenmap
Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.) free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly. A command creator allows interactive creation of Nmap command lines. Scan results can be saved and viewed later. Saved scan results can be compared with one another to see how they differ. The results of recent scans are stored in a searchable database. You can download Zenmap (often packaged with Nmap itself) from the Nmap download page. Zenmap is quite intuitive, but you can learn more about using it from the Zenmap User's Guide or check out the Zenmap man page for some quick reference information. -
32
DigitSec S4
DigitSec
S4 establishes Salesforce DevSecOps in the CI/CD pipeline in under an hour. S4 empowers developers to find & fix vulnerabilities before production where they can lead to a data breach. Securing Salesforce during development reduces risk and accelerates the pace of deployment. S4 for Salesforce™, our patented SaaS Security Scanner™, automatically assesses Salesforce security posture with its full-spectrum continuous application security testing (CAST) platform purpose-built to detect Salesforce vulnerabilities with its four integrated scans for fast and effortless detection. Static Source Code Analysis (SAST), Interactive Runtime Testing (IAST), Software Composition Analysis (SCA), and Cloud Security Configuration Review. Our static application security testing (SAST) engine is a core feature of S4, providing automated scanning and analysis of all custom source code in your Salesforce Org including Apex, VisualForce, Lightning Web Components, and related-JavaScript. -
33
OraDump-to-MySQL
Intelligent Converters
OraDump-to-MySQL is a program to export data from Oracle dump files into MySQL, MariaDB or Percona database. The program does direct reading from the dump, so Oracle installation is not required. Command line support allows to script, automate and schedule the conversion process. Key features: All versions of Oracle dump files are supported (both EXP and EXPDP); All versions of Linux/Unix and Windows MySQL are supported with forks (MariaDB, Percona) and DBaaS variations; Option to merge Oracle data into an existing MySQL database; Parallel export Oracle dump files are supported; Option to convert Oracle data into MySQL dump fileStarting Price: $99 -
34
Covail
Covail
Covail’s Vulnerability Management Solution (VMS) is designed with an easy-to-use tool where IT security teams can assess applications and network scans, understand threats on their attack surface, continuously track vulnerabilities, and manage priorities. More than 75% of enterprise systems have at least one security vulnerability. And, attackers aren’t hesitating to take advantage. Our managed security service helps you know where and how to start building a consistent 360-degree view of cybersecurity attacks, risks, and threats. We will enable you to make more informed decisions about threat and vulnerability management. Maintain ongoing situational awareness of threats as they relate to known vulnerabilities through trending threats and CVE® (common vulnerabilities and exposures) lists. Effectively understand your vulnerabilities by asset, by application, and by scan, as well as how they map to frameworks. -
35
ConnectSecure
ConnectSecure
ConnectSecure is an all-in-one SaaS vulnerability and compliance management platform built for managed-service providers to secure client environments, manage risk, and scale security services profitably. It performs continuous vulnerability assessments and asset discovery across networks, servers, endpoints, cloud services, web apps, and external infrastructure; it includes both agent-based or “probe/lightweight” scanning and external attack-surface scanning. It identifies open ports, misconfigurations, out-of-date software, exposed systems, cloud-environment risks, and web-application vulnerabilities, surfacing over 230,000 known CVEs, daily updated from public vulnerability databases. ConnectSecure also automates patching for many applications, offers compliance-management tools aligned with major frameworks (e.g., GDPR, HIPAA, PCI DSS, CIS, NIST, ISO), and delivers continuous monitoring of cloud, on-premises, and hybrid environments. -
36
Frontline Vulnerability Manager is more than a just a network vulnerability scanner or vulnerability assessment. It's a proactive, risk-based vulnerability and threat management solution that is a vital part of any cyber risk management program. Its robust features set it apart from other VM solutions, providing vital security information in a centralized, easily understood format so you can protect your business-critical assets efficiently and effectively. More than ever, cyber attackers are looking for vulnerabilities they can exploit in a company’s network. So having a vulnerability management solution in place is critical. A vulnerability management program is far more than just a vulnerability assessment, vulnerability scanner, or patch management. The best vulnerability management solutions use an ongoing process that regularly identifies, evaluates, reports and prioritizes vulnerabilities in network systems and software.
-
37
Intruder
Intruder
Intruder is an international cyber security company that helps organisations reduce their cyber exposure by providing an effortless vulnerability scanning solution. Intruder’s cloud-based vulnerability scanner discovers security weaknesses across your digital estate. Offering industry-leading security checks, continuous monitoring and an easy-to-use platform, Intruder keeps businesses of all sizes safe from hackers. Receive actionable results prioritised by context. Intruder interprets raw data received from leading scanning engines, so you can focus on the issues which truly matter, such as exposed databases. Intruder's high-quality reports help you sail through customer security questionnaires, and make compliance audits like SOC2, ISO27001, and Cyber Essentials a breeze. -
38
Outpost24
Outpost24
Understand your attack surface with a unified view and reduce cyber exposure from an attacker’s view with continuous security testing across networks, devices, applications, clouds and containers. Having more information alone won’t help you. Even the most experienced security team can be blindsided by the sheer amount of alerts and vulnerabilities they have to deal with. Powered by threat intelligence and machine learning our tools provide risk-based insights to help prioritize remediation and reduce time to patch. Our predictive risk based vulnerability management tools ensure your network security is proactive – helping you reduce time to remediation and patch more effectively. The industry’s most complete process to continuously identify application flaws and secure your SDLC for safer and faster software releases. Secure your cloud migration with cloud workload analytics ,CIS configuration assessment and contain inspection for multi and hybrid clouds. -
39
The growing security threats and ever-expanding privacy regulations have made it necessary to limit exposure of sensitive data. Oracle Data Masking and Subsetting helps database customers improve security, accelerate compliance, and reduce IT costs by sanitizing copies of production data for testing, development, and other activities and by easily discarding unnecessary data. Oracle Data Masking and Subsetting enables entire copies or subsets of application data to be extracted from the database, obfuscated, and shared with partners inside and outside of the business. The integrity of the database is preserved assuring the continuity of the applications. Application Data Modeling automatically discovers columns from Oracle Database tables containing sensitive information based on built-in discovery patterns such as national identifiers, credit card numbers, and other personally identifiable information. It also automatically discovers parent-child relationships defined in the database.Starting Price: $230 one-time payment
-
40
VulnSign
VulnSign
VulnSign is an online vulnerability scanner that is fully automated, customer-orient configurable and has advanced features. VulnSign can scan any type of web application, regardless of the technology it was built with. It uses a Chrome based crawling engine and can identify vulnerabilities in legacy, and custom built, modern HTML5, Web 2.0 applications and Single Page Applications (SPA). It also has vulnerability checks for popular frameworks. The VulnSign vulnerability scanner is very easy to use and most of the pre-scan configuration can be automated. It is an all in one vulnerability management solution, with multi user support and integration capabilities. Though to test it all you need to do is specify the URL and credentials (to scan password protected websites), and launch a vulnerability scan.Starting Price: $49/month/team -
41
Tenable Web App Scanning
Tenable
Unified web app and API scanning that’s simple, scalable, and automated. Whether it’s the top 10 risks from OWASP, vulnerable web app components, or APIs, Tenable Web App Scanning gives you comprehensive dynamic application security testing (DAST). Web application security from the largest vulnerability research team in the industry. Deliver immediate value with fast web application scans to discover common security hygiene issues that run in two minutes or less. Set up a new web app scan in a few seconds by leveraging the same vulnerability management workflows you are already familiar with. Configure weekly or monthly automated testing of all of your applications. Create fully customizable dashboards and widget visualizations to integrate IT, cloud, and web application vulnerability data into a single, unified view. Tenable Web App Scanning is available as a cloud-based solution and is now on-premises seamlessly integrated into Tenable Security Center. -
42
Scriptcase
Netmake
An efficient web development low-code platform. It helps you to create complete web systems and Business Intelligence solutions fast and easy! Scriptcase enables you to design, develop and elegant, responsive, database-driven applications using only your web browser. A powerful PHP generator for you to develop fast, simple, secure at a low cost. Connect with your database (MySQL, MariaDB, PostgreSQL, SQLite, Interbase, SQL Azure, Amazon Aurora, Firebird, Access, Oracle, MS SQLServer, DB2, SyBase, Informix or ODBC layer) and generate web applications based on your tables, simply and safely. Make the data access and maintenance an uncomplicated step! Scriptcase offers an XLS, CSV and ACCESS spreadsheet import and conversion features for the databases supported by Scriptcase. With this import tool you can easily transform your spreadsheets into system applications.Starting Price: $349 -
43
OpenVAS
Greenbone Networks
OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated and authenticated testing, various high-level and low-level internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test. The scanner obtains the tests for detecting vulnerabilities from a feed that has a long history and daily updates. OpenVAS has been developed and driven forward by the company Greenbone Networks since 2006. As part of the commercial vulnerability management product family Greenbone Enterprise Appliance, the scanner forms the Greenbone Vulnerability Management together with other Open Source modules. -
44
Oracle Audit Vault and Database Firewall monitors Oracle and non-Oracle database traffic to detect and block threats, as well as improves compliance reporting by consolidating audit data from databases, operating systems, directories, and other sources. It can be deployed on-premises or in the Oracle Cloud. Oracle Audit Vault and Database Firewall (AVDF) is a complete Database Activity Monitoring (DAM) solution that combines native audit data with network-based SQL traffic capture. AVDF includes an enterprise quality audit data warehouse, host-based audit data collection agents, powerful reporting and analysis tools, alert framework, audit dashboard, and a multi-stage Database Firewall. Dozens of out-of-the-box compliance reports provide easy, schedulable, customized reporting for regulations such as GDPR, PCI, GLBA, HIPAA, IRS 1075, SOX, and UK DPA.
-
45
Enginsight
Enginsight
Enginsight is an all-in-one cybersecurity platform made in Germany, combining threat detection and defense capabilities. The features are: Automated security checks, pentesting, IDS/IPS, micro segmentation, vulnerability scans, and risk assessments. It empowers businesses of all sizes to effortlessly implement and monitor robust security strategies through an intuitive interface. Scan your systems automatically and immediately recognize the security status of your IT infrastructure. 100% self-developed (security by design) and has no dependencies on third-party tools. Permanently scan your IT environment for existing devices and create a live image of your IT infrastructure. Automatic detection and unlimited IP inventory of all network devices, as well as their classification. Enginsight provides a comprehensive solution for monitoring and securing your Windows servers, Linux servers and end devices such as Windows PCs or Linux . Start your 15 day free trial now.Starting Price: $12.99 per month -
46
Vega
Subgraph
Vega can help you find and validate SQL Injection, cross-site scripting, inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows. Vega can help you find vulnerabilities such as: reflected cross-site scripting, stored cross-site scripting, blind SQL injection, remote file include, shell injection, and others. Vega also probes for TLS / SSL security settings and identifies opportunities for improving the security of your TLS servers. Vega includes an automated scanner for quick tests and an intercepting proxy for tactical inspection. The Vega scanner finds, SQL injection, and other vulnerabilities. Vega includes a website crawler powering its automated scanner. Vega can automatically log into websites when supplied with user credentials. -
47
WebReaver
Websecurify
WebReaver is an elegant, easy to use and fully-automated, web application security security testing tool for Mac, Windows and Linux, suitable for novice as well as advanced users. WebReaver allows you easily test any web application for a large variety of web vulnerabilities from the sever kinds such as SQL Injection, local and remote file Includes, command Injection, cross-site scripting and expression Injection to the less severe ones such as variety of session and headers problems, information leakage and many more. Automated security testing technologies, such as those, which rely on scanning, fuzzing, sending arbitrary malicious data to detect security defects, can seriously damage the web applications they are used against. Therefore, it is often recommended to perform automated tests only against systems in demo, testing or pre-production environments. -
48
Nsauditor Network Security Auditor is a powerful network security tool designed to scan networks and hosts for vulnerabilities, and to provide security alerts. Network Security Auditing Software and Vulnerability Scanner Network Security Auditing Software and Vulnerability Scanner Nsauditor network auditor checks enterprise network for all potential methods that a hacker might use to attack it and create a report of potential problems that were found. Network Security Auditing Software and Vulnerability Scanner Network Security Auditing Software and Vulnerability Scanner Nsauditor network auditing software significantly reduces the total cost of network management in enterprise environments by enabling IT personnel and systems administrators gather a wide range of information from all the computers in the network without installing server-side applications on these computers and create a report of potential problems that were found.Starting Price: $69 one-time payment
-
49
DxEnterprise
DH2i
DxEnterprise is multi-platform Smart Availability software built on patented technology for Windows Server, Linux and Docker. It can be used to manage a variety of workloads at the instance level—as well as Docker containers. DxEnterprise (DxE) is particularly optimized for native or containerized Microsoft SQL Server deployments on any platform. It is also adept at management of Oracle on Windows. In addition to Windows file shares and services, DxE supports any Docker container on Windows or Linux, including Oracle, MySQL, PostgreSQL, MariaDB, MongoDB, and other relational database management systems. It also supports cloud-native SQL Server availability groups (AGs) in containers, including support for Kubernetes clusters, across mixed environments and any type of infrastructure. DxE integrates seamlessly with Azure shared disks, enabling optimal high availability for clustered SQL Server instances in the cloud. -
50
Defendify
Defendify
Founded in 2017, Defendify is pioneering All-In-One Cybersecurity® for organizations with growing security needs, backed by experts offering ongoing guidance and support. Delivering multiple layers of protection, Defendify provides an easy-to-use platform designed to strengthen cybersecurity across people, process, and technology, continuously. Defendify streamlines cybersecurity assessments, testing, policies, training, detection, response, and containment in one consolidated and cost-effective cybersecurity solution. 3 layers, 13 solutions, 1 platform, including: • Managed Detection & Response • Cyber Incident Response Plan • Cybersecurity Threat Alerts • Phishing Simulations • Cybersecurity Awareness Training • Cybersecurity Awareness Videos • Cybersecurity Awareness Posters & Graphics • Technology Acceptable Use Policy • Cybersecurity Risk Assessments • Penetration Testing • Vulnerability Scanning • Compromised Password Scanning • Website Security ScanningStarting Price: $0
