15 years helping Singaporean businesses
choose better software

Vulnerability Scanner Tools

A vulnerability scanner is a tool used to monitor applications, networks and environments for security flaws and vulnerabilities. Vulnerability scanners maintain a database of known vulnerabilities and conduct continuous scans to identify new ones. Vulnerability scanners typically produce reports on specific vulnerabilities, as well as provide prioritized remediation recommendations.

Singapore Show local products
All-in-one security solution that scans your website, detects vulnerabilities and offers remediation, in three steps: Find-Fix-Prevent. Learn more about Acunetix
Acunetix (by Invicti) is an automated application security testing tool that enables small security teams to tackle huge application security challenges. With fast scanning, comprehensive results, and intelligent automation, Acunetix helps organizations to reduce risk across all types of web applications. With Acunetix, security teams can: - Save time and resources by automating manual security processes - Work more seamlessly with developers, or embrace DevSecOps by integrating directly in Learn more about Acunetix

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
The AI-Powered Accessibility Widget automatically finds/fixes web accessibility issues 24/7 for continuous ADA and WCAG compliance. Learn more about UserWay Accessibility Widget
UserWay’s digital accessibility solutions help you continuously comply with the ADA and WCAG. Trusted by millions of websites, its AI-Powered Widget automatically fixes accessibility violations 24/7, offers 100+ accessibility tools, and supports 50+ languages to elevate your website performance and brand image. UserWay also provides accessibility scanning, document remediation, attorney-led legal support, commission-based partnerships, managed accessibility, platform integration, and more. Learn more about UserWay Accessibility Widget

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
A prioritization-driven threat and vulnerability management software for enterprises that offers built-in patching. Learn more about ManageEngine Vulnerability Manager Plus
Vulnerability Manager Plus delivers comprehensive coverage, continual visibility, risk-based assessment, and integral remediation of vulnerabilities and misconfigurations from a central console. It offers extensive features including vulnerability assessment, automated patching, CIS compliance management, security configuration management, high-risk software audit, antivirus audit and active port audit. Vulnerability Manager Plus comes with plenty of reports, dashboards, and endless scalability. Learn more about ManageEngine Vulnerability Manager Plus

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Nessus Pro, the industry leader in vulnerability assessment, helps you quickly and easily identify and fix vulnerabilities.
Built for security practitioners, by security professionals, Nessus Professional is the de-facto industry standard for vulnerability assessment. Nessus performs point-in-time assessments to help security professionals quickly identify and fix vulnerabilities, including software flaws, missing patches, malware, and misconfigurations. With features such as pre-built policies and templates, group snooze functionality, and real-time updates, it makes vulnerability assessment easy and intuitive. Learn more about Nessus

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Syxsense delivers comprehensive vulnerability scanning, including security configurations.
Syxsense delivers comprehensive vulnerability scanning, including security configurations. Syxsense detects OS and third-party software and security configuration vulnerabilities, such as open ports, disabled firewalls, insecure passwords, and more. With Syxsense, you can safeguard your systems with centralized patch updated and security risk detection and resolution through a single agent. Learn more about Syxsense

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Orca Security is the pioneer of agentless cloud security that spans AWS, Azure, Google Cloud and Kubernetes.
Orca Security is the pioneer of agentless cloud security that is trusted by hundreds of enterprises globally. Orca makes cloud security possible for enterprises moving to and scaling in the cloud with its patented SideScanning™ technology and Unified Data Model. The Orca Cloud Security Platform delivers the world's most comprehensive coverage and visibility of risks across AWS, Azure, Google Cloud and Kubernetes. Learn more about Orca Security

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Web application penetration testing tool that helps you to identify vulnerabilities on your website before hackers exploit them.
Automate vulnerability assessment, accelerate remediation and secure your web applications from the latest security vulnerabilities. Security tests can be scheduled on a weekly or monthly basis to have regular vulnerability assessments and keep the website security intact. The DevSecOps CI plugins allow one to automate regular vulnerability assessment in the CI/CD pipeline to get real-time updates of an application's security on Slack, JIRA or Trello right during the development phase. Learn more about Beagle Security

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Monitors the vulnerability management process, tracks remediation and ensures policy compliance.
Security Risk and Compliance Management - On Time, On Budget, On Demand -- Qualys is the first company to deliver an on demand solution for security risk and compliance management. Qualys monitors your company's vulnerability management process, tracks remediation and ensures policy compliance. QualysGuard is also the widest deployed security on demand platform in the world, performing over 150 million IP audits per year - with no software to install and maintain. Learn more about Qualys Cloud Platform

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
The first Click&Play Cyber Security platform. CyLock finds out if your systems are hacker safe in one click!
CyLock is a software designed to defend your systems from hacker attacks, identifying weaknesses on your systems and websites, providing information to address vulnerabilities (those used by cyber criminal to access to your computers). Learn more about CyLock Anti-Hacker

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
KACE Unified Endpoint Manager unites traditional endpoint management with modern management in a shared intuitive interface.
KACE® by Quest supports your unified endpoint management (UEM) strategy by helping you discover and track every device in your environment, automate administrative tasks, keep compliance requirements up-to-date and secure your network from a range of cyberthreats. Discover, manage and secure all your endpoints from one console as you co-manage your traditional and modern endpoints, including Windows, Mac, Linux, ChromeOS, and iOS and Android devices. Learn more about KACE

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
AppTrana monitors web traffic and blocks malicious attacks. It is combined with DDoS, API risk, and Bot mitigation solutions.
Indusface’s AppTrana is a fully managed web application firewall that ensures risk-based protection with its DDoS, API risk, and Bot mitigation services while assuring web acceleration with secure CDN. Combining automated scanning with manual pen-testing, it detects application vulnerabilities. All of this with 24x7 expert support to meet zero false-positive guarantees. Indusface is the only vendor to be named Customers’ Choice for WAAP in all the 7 segments of the Gartner VoC 2022 Report. Learn more about AppTrana

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Hackrate is a bug bounty platform that helps companies reduce cybersecurity risks by using the power of the global hacker community.
Hackrate Bug Bounty platform helps companies to identify software vulnerabilities in a cost-efficient way. It provides a secure and centralized view of ethical hacking projects for your company. A bug bounty is about using the power of crowdsourced security to secure your business. During a bug bounty program, a company offers rewards to ethical hackers for reporting vulnerabilities. Learn more about Hackrate

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Our Active Directory Audit Tool is free and runs on Windows Server 2008 & later. The audit results are provided in a clickable report.
FREE tool that scans your Active Directory, and detects security-related weaknesses, specifically related to password policies. Collect and display interactive reports containing user and password policy information. This includes checking user account passwords against a list of vulnerable passwords obtained from leaks and ones observed in real attacks. The audit can also help you identify which accounts may be violating your security policy by using the same password across multiple accounts. Learn more about Specops Password Auditor

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Invicti Enterprise, formerly Netsparker, is a comprehensive automated web vulnerability scanning solution.
Invicti, formerly Netsparker, is an automated vulnerability scanning security testing tool that makes it possible for enterprise organizations to secure thousands of websites and dramatically reduce the risk of attack. By empowering security teams with the most unique DAST + IAST scanning capabilities on the market, Invicti allows organizations with complicated environments to automate their web security with confidence. Learn more about Invicti

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Reduce the time required to manage critical changes and repetitive tasks across complex, multi-vendor networks.
SolarWinds Network Configuration Manager (NCM) delivers powerful network configuration and compliance management. Automate config backups, so you can quickly roll back a blown configuration or provision a replacement device. Continuously audit configs and get alerted if a device is out of compliance, then remediate vulnerabilities rapidly through bulk config deployment. Prevent unauthorized network changes through change delegation, monitoring, and alerting. Learn more about SolarWinds Network Configuration Manager

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Continuous protection for your evolving IT environment, multiplatform cyber risk management and 24/7 ESET expertise on call.
ESET's MDR service represents the most densely multilayered and effective cybersecurity approach in the world. The MDR service takes ESET's cutting-edge technology and augments it with hands-on expertise, delivered 24/7/365, ensuring antimalware technology and strategy are perfectly aligned. With full XDR capabilities thanks to ESET Inspect, the XDR-enabling component, this is the optimal approach to securing your enterprise. Learn more about ESET PROTECT MDR

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Security management platform offering fully integrated security controls for threat detection and compliance management.
USM Anywhere delivers a unified, simple and affordable solution for threat detection and compliance. Powered by the latest AlienVault Labs Threat Intelligence and the Open Threat Exchange the largest crowd-sourced threat intelligence exchange, USM enables mid-size organizations to defend against modern threats. Learn more about USM Anywhere

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
EcoTrust is a CAASM platform prioritizing critical business cyber risks, integrating AI for advanced security.
EcoTrust introduces an innovative CAASM platform that redefines cybersecurity by focusing on prioritizing critical business risks. Our solution offers a consolidated view of vulnerabilities and attack surfaces, employing advanced AI to filter out noise and concentrate on what truly matters, enabling security teams to do more with less. It integrates data from over 50 technologies, providing a comprehensive view of cyber risks, enhancing operational efficiency, and improving security decision accuracy. Our platform not only identifies and holistically visualizes risks and vulnerabilities through 6 native scanners but also prioritizes the greatest risks based on technical and business contexts. This optimizes resource allocation, reducing the time needed for critical fixes and improving threat response capabilities. EcoTrust also delivers treatment recommendations generated by AI, speeding up the response to critical vulnerabilities and improving key cyber risk indicators. Learn more about EcoTrust

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Probely is a DAST scanner designed to empower Security and DevOps teams working together to reduce the security risk of web apps & APIs
Probely is the premier cloud-based automated application security testing solution designed to empower Security and DevOps teams working efficiently together on a DevSecOps approach built to reduce risk across web applications and RESTful APIs. With over 30 000 vulnerabilities detection capabilities, including SQLi, XSS, Log4j, OS Command Injection, and SSL/TLS issues, Probely reports vulnerabilities that matter, is false-positive free, and includes detailed instructions on fixing them. Learn more about Probely

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Cyber Chief is a vulnerability scanner & issue management tool that helps you ship software with zero security known vulnerabilities
Cyber Chief gives software teams the power to find and fix thousands of vulnerabilities in their web applications and cloud infrastructure. With its one-click vulnerability scanning and smart vulnerability management features, Cyber Chief will help your software team secure their applications and infrastructure, even if there is zero application security qualifications or experience on your team. Cyber Chief is cloud-based and has military-grade security controls so that your security secret Learn more about Cyber Chief

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
The Unified Data Platform combines complete IT visibility as well as data enrichment and transformation in one central solution.
IT landscapes are subject to constant change, making it increasingly difficult for companies to maintain transparency. The multitude of hardware and software applications as well as geographically distributed branches ensure that a holistic overview of the IT landscape (internal, hosted and cloud) can‘t be guaranteed. The Unified Data Platform powered by RayVentory collects all relevant data for you and prepares them in a meaningful and targeted way: The central point for all data. Learn more about RayVentory

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
Our aim is to make cybersecurity understandable, affordable and manageable for everyone.
If you want to assess your online assets' vulnerabilities, Security for Everyone is the tool for you whether you are a tech expert or a digital asset owner who does not have any coding experience. You can have: 1-Automated vulnerability assessment, 2- API integration, 3- Manual scanning options. Whichever opiton you choose, your vulnerabilities will be shown with video and pdf outputs. You can either send them to an expert or use them yourself to make your fixing process easier. Learn more about Security for Everyone

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
FractalScan Surface scans the Internet to discover your online infrastructure, assets and shadow IT.
FractalScan Surface scans the Internet to discover your online infrastructure, assets and shadow IT. It checks for misconfigurations, security vulnerabilities and exposed data to create a prioritised set of risks with in-built remediation advice. Quickly find & evaluate your own or 3rd parties online attack surface, and continuously monitor it for changes. FractalScan Surface uses non-aggressive, non-intrusive, passive scanning techniques - perform due-diligence on any business! Learn more about FractalScan Surface

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
GlitchSecure is real-time continuous security testing platform that you helps identify and remediate software vulnerabilities.
GlitchSecure is a real-time continuous security testing platform that helps you find and remediate software vulnerabilities and prevent breaches through year round security testing, expert driven insights, and verified reports to eliminate false positives. Go beyond a point in time pentesting and get a real-time assessment of your security posture while continually monitoring your assets for vulnerabilities. Learn more about GlitchSecure

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API
HackerOne is the industry standard for hacker-powered security.
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be exploited. The U.S. Department of Defense, General Motors, Google, Twitter, GitHub, Qualcomm, Starbucks, Dropbox, Intel,and over 1,200 other organizations have partnered with HackerOne to resolve over 90,000 vulnerabilities and award over $42M in bug bounties. Learn more about HackerOne

Features

  • Alerts/Notifications
  • Website Crawling
  • Vulnerability/Threat Prioritization
  • API