Vulnerability Management Features

Read what people say are the most valuable features of the solutions they use.
Informate5e5 says in a Rapid7 Metasploit review
Information Security and Governance Lead Engineer at a comms service provider with 1,001-5,000 employees
* The option to generate phishing emails has proven to be very valuable in understanding the behavior of users. * It contains almost all the available exploits and payloads. * The in-built Wireshark is valuable in performing packet analysis. * It has different installation files for different OSs. View full review »
Sharath K says in a Skybox Security Suite review
Sr. Consultant at a tech services company with 10,001+ employees
For us, it's more important for our firewalls, to maintain the configuration compliance, to look at duplication of rules; clean up functionalities on the firewall and compliance of the firewall. That's where it's most important. We're still looking at making use of this tool for other purposes, but it's still a work in progress at this moment. We are using Network Assurance, primarily for our devices like routers and switches. Change Manager is still a work in progress for us. While we have that module, we're still working on customizing it. It's understandable and it works well, right now. We are looking at automating that whole change management procedure using a third-party API integration along with Skybox. So that's still a work in progress at the moment. View full review »
Hassan-Moussafir says in a Rapid7 InsightVM review
Founding Member at Societe Generale
The most valuable feature for us is the different types of reporting it provides. For example, the compliance reporting, compliance with the international standard in which we are certified and compliant. This is important for us to escalate the dashboard to our top management. View full review »
Technology Security Expert at a comms service provider with 1,001-5,000 employees
The most valuable feature is the certificate management. The reason is the limited license provided by the mother company. View full review »
JoelSadomba says in a Fortinet FortiDB review
IT Engineer at BAZ
The most valuable feature is database security. This solution provides file-level protection. Automatic database discovery finds all databases on the network, including those across subnet and WAN boundaries. View full review »
reviewer1059522 says in a Fortinet FortiDB review
IT Assistant at a international affairs institute with 10,001+ employees
The most valuable features of this solution are the security aspects. View full review »
Manoj Nair says in a Tenable SecurityCenter review
Tech Specialist
The dashboard and the templates used to delvelop reports are awesome. It is easy to run, scan, and categorize an asset as and when needed. The same asset can be present in two or more groups based on the identification. This solution can now be deployed in cloud setups. This solution provides a good reporting system and with a reasonably good level of third-party integration. McAfee has leveraged this capability beautifully in its Policy Orchestrator. View full review »
Dr. SureshHungenahally says in a Qualys VM review
Chief Executive Officer at Suraksha Pty Ltd
The way we can maintain a current actual registry of all the IP assets within it is very good. The scanning of software assets on the endpoint machine is also useful. I've tried the scanning of similar asset vulnerabilities throughout different servers, including Unix and Windows. Qualys maintains a good intervention database. We have a service line that updates to the newest software, or whenever you set it up. The second service line has denominated my nodes across the globe. It's easy to deploy the solution. View full review »
Infraprojman67 says in a Tenable Nessus review
Senior Infrastructure Project Manager at a energy/utilities company with 501-1,000 employees
The feature I find most valuable is the vulnerability reporting. View full review »
Sameer Quraishi says in a Qualys Virtual Scanner Appliance review
Information Security Officer at Zamil
The first thing we like is the scanner, the device which checks vulnerability management. They also have threat detection which maps threats. There is a feed that comes from Qualys when a new vulnerability is found. It tells us which machines are infected with that vulnerability. If there is a new attack, we definitely know that it is happening, what is happening in our environment. View full review »
Justin Kolker says in a Tenable SecurityCenter review
IT Security Specialist at a consultancy with 1,001-5,000 employees
One of the most valuable features is their distributed scan model for allotting engines to work together as a pool and handle multiple scans at once, across multiple environments. Automatic scanning distribution is a distinguishing feature of their toolset. Also, the ability to trend data back as far back as we have disk space for, is helpful. Finally, the ability to write custom audit files is a really helpful and useful feature. That's something that not a lot of assessment companies have gotten right. There's room for improvement, but literally being able to take the text file, open it up, and adjust the changes, write your own regex and write your own checks, is huge. View full review »
Joey Smith says in a Tenable SecurityCenter review
Medical Device Cybersecurity Analyst at a healthcare company with 10,001+ employees
What is useful to me is being able to fulfill very customized scanning policies. In the clinical environment, because of vendor control, we can't perform credential-vulnerability scanning. And network scans, which I've done before, can cause a lot of impact. Being able to create very customized policies to be able to routinely scan and audit our clinical networks, while simultaneously not causing impact, is important to us. That requires a lot of flexibility in how we create the policies, so flexibility in policy-creation is a big feature. For me, another useful feature of the tool is the dashboard and reporting. That is a big piece for me. The reporting covers most of my needs. In terms of integrations, so far, from what we've seen and for what we're trying to accomplish, it's been pretty flexible. The Vulnerability Priority Rating is useful. I run scans on all of our medical equipment and we have stuff that's still Windows 2000. Equipment is so expensive to upgrade and replace. I find a lot of it shows up red for vulnerabilities that we really can't do anything about. The predictive stuff helps prioritize some of those risks. At a high level, it helps narrow that scope. There is still a lot of manual work on my end because, as I mentioned, I really have to know what equipment I'm looking at exactly from a medical standpoint. But it does help narrow the scope. View full review »
SeniorIn3d86 says in a Tenable SecurityCenter review
Senior Information Security Analyst at a financial services firm with 1,001-5,000 employees
The most valuable feature is its ability to scan for vulnerabilities in our important systems, networks devices, and so on. View full review »
Jim Gallagher says in a Rapid7 InsightVM review
Enterprise Manager Infrastructure and Operations with 501-1,000 employees
The feature that we find most valuable is the granularity. You can view your assets however makes the most sense to your business. We found that we could isolate systems easily via tagging and site setup. View full review »
SeniorITe7b6 says in a Tripwire IP360 review
Senior IT Auditor at a retailer with 10,001+ employees
Ensures we know which vulnerabilities that we are exposed to. View full review »
Priyanka Dash says in a Qualys VM review
Information Technology Analyst at a tech services company with 10,001+ employees
Patch supersedence. View full review »
User at a tech services company with 10,001+ employees
The prebuilt CIS templates are very useful. View full review »
user9776 says in a Tripwire IP360 review
Pre-Sales Specialist at a tech services company with 51-200 employees
The most valuable feature would be the command app to control feature. It's not hugely utilized. It can go a lot further. It can be used a lot more because it can drift over into spaces from telephoning, where you have certificate expiry and it's easy with a couple of scripts to control expiry or certificates for everything else for outages with a call center solution. There are multiple areas where the product can quickly adapt by using upper command control to immediately solve a lot of issues where you don't need to look at other products. View full review »
Miguel Angel Hernández Armas says in a Tenable Nessus review
Implementation Engineer at a comms service provider with 11-50 employees
The comprehensive coverage offered by Nessus has been the most remarkable; it really does everything that has been asked of the software. It's great, the possibility of automating implementations and really your database is immense for all the compliances and vulnerabilities. Tenable University is great and allows to train all the personnel in charge of making the scans in an optimal and effective way. View full review »
KalaiarasuSanthirasekeran says in a Tenable Nessus review
Security Professional at a tech services company with 10,001+ employees
I find the features that are most valuable are the policies that help us identify the vulnerabilities. These policies are then used for scanning and identifying instabilities. View full review »
ReviewerSE399 says in a Fortinet FortiDB review
Network Security Consultant at a tech services company
It is critical to monitor the action in a database. This is the most important feature of FortiDB. You can create queries, delete data, block as a firewall and more. You can also reset the station user if you want to do a specific update. View full review »
Information Security Expert at a comms service provider with 5,001-10,000 employees
We really love the Security Center dashboard. It performs vulnerability scanning and then outputs vulnerability data. When you are working with one, two, three, up to 10 IT pieces of equipment, managing the vulnerability data would just be fine, but when you are managing assets across an organization of 10,000+ employees, you have a really hard time normalizing those vulnerability data. The dashboard helps us out to map what things need to be prioritized, what is our current threat landscape and what would be the latest threats that we have in our network. View full review »
Thomas Kung says in a Tenable Nessus review
Senior Consultant at a tech company with 1,001-5,000 employees
We wanted to do a lot of Hardening and we have to make sure that all endpoints are up to the certain Hardening standard and we propose the CIS benchmark to do this. That's why we use Tenable to do scanning frequency and to ensure the quality of the endpoints. View full review »
RaghunandanRaju says in a Qualys VM review
Senior Vulnerability Analyst at a comms service provider with 10,001+ employees
I find the most valuable features are the continuous monitoring. Even on premises, there is constant monitoring. View full review »
Sujit Sharma says in a Qualys VM review
Information Security Engineer at a tech services company with 1,001-5,000 employees
The most valuable features are that it is a simple solution that makes scanning easy. You just give it a scheduled task, and it will do everything for you. The reporting is fine, too. And, the knowledge base is pretty good, too. View full review »
Sign Up with Email