PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias.
Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why.
You can read user reviews for the Top 5 Vulnerability Management Tools to help you decide which solution is best for you.
Users compare and give feedback on the best Vulnerability Management Tools that they’ve used — based on product reviews, ratings, and comparisons.
#1 Tenable Nessus
Tenable Nessus was ranked as the #1 Vulnerability Management Tool for 2022. PeerSpot users give Tenable Nessus an average rating of 8 out of 10.
An Owner at a tech services company says the solution is “Easy to use, has good support, and gives full reports of what's vulnerable per device.”
Jairo P., Information Security Manager at a financial services firm, mentions that he likes the solution’s “Scanners and reports using CIS templates ("de-facto" standard, easy to fix and to locate correction tips in the documentation), tests against cloud providers, database profiles, several types of telecom devices, and other highly customizable scans. You can scale your environment to gradually increase the quality, depth, and quantity of the tests, enabling you to learn and gradually optimize your vulnerability management platform(s)/instance(s). The possibility of integration with other market tools (Kenna, Archer...) is another differential.”
Madhavan S., CEO at Screenit Labs Pvt Ltd., comments, “It is easy to set up, and allows you to migrate applications safely to the cloud. We have done code scanning for a long period because as a company, we do DevOps as part of our development life cycle. We like scanning the ports and security as well as application-level security.”
#2 Morphisec Breach Prevention Platform
Morphisec Breach Prevention Platform was ranked as the #2 Vulnerability Management Tool for 2022. PeerSpot users give Morphisec Breach Prevention Platform an average rating of 10 out of 10.
PeerSpot user Dominic P., Information Technology Manager at a financial services firm, says, "Morphisec stops attacks without needing to know what type of threat it is, just that it is foreign. It is based on injections, so it would know when a software launches. If a software launches and something else also launches, then it would count that as anomalous and block it. Because the software looks at the code, and if it executes something else that is not related, then Morphisec would block it. That is how it works."
Jeff M., Sr. IT Architect at Yaskawa Motoman Robotics, explains, "There are two primary valuable features. It works without the end-user having to do anything. Second, the fact that it's signatureless is valuable. It's very light on the endpoint and does not have any performance hindrance on the endpoint. That is a huge plus as well. Morphisec's approach to using deterministic attack prevention is a big deal for us with all the zero-day attacks and ransomware that's going on in the industry.”
Sean L., Network Administrator at an educational organization, says, “The fact that it's able to automatically detect and block ransomware attempts is the most valuable feature.”
#3 Tenable SC
Tenable SC was ranked as the #3 Vulnerability Management Tool for 2022. PeerSpot users give Tenable SC an average rating of 8 out of 10.
Joao M., CIO / IT Consultant at RedShift, states, “The most valuable features are the dashboards and reporting. They have multiple dashboards and reports for different types of details that can be used for different levels of reporting. This product has the best results in terms of the lowest number of false-positives and false-negatives. There are multiple types of engines that cover almost any necessity that the company can have for vulnerability and compliance.”
A Program Manager at a tech services company expresses, “The feature we've liked most recently was being able to take the YARA rules from FireEye and put them into Tenable's scan for the most recent SolarWinds exploit. That was really useful.”
An Information Security Analyst at a retailer says, “The UI, the user interface, is really, really good. It's really simple. I started with no prior experience in vulnerability management and picked it up in less than a day, pretty quickly. It's very intuitive.”
#4 Qualys VM
Qualys VM was ranked as the #4 Vulnerability Management Tool for 2022. PeerSpot users give Qualys VM an average rating of 8 out of 10.
A Senior Security Consultant at a tech services company mentions that the solution’s “Continuous monitoring is excellent because it is entirely dependent on the agent, and the Agent Scan, is also quite good. I also like the asset tagging, asset grouping features, and the dashboard, because we can customize and create our own dashboard. That's quite good. The most recent is VMDR, which provides a comprehensive overview of how to detect, patch, and remediate specific vulnerabilities. That is also an excellent module.”
A Cyber Security Director at a manufacturing company comments, “The prioritization mechanism is the most valuable aspect of the solution.” He adds, “The initial setup is straightforward, technical support is great, and the stability and reliability are good.”
An AVP - Information Security at a financial services firm states, "It is very easy to use and there are lots of options. We can usually easily go through it and all of the things we want to configure, and we can configure everything to our specifications very easily."
#5 Rapid7 InsightVM
Rapid7 InsightVM was ranked as the #5 Vulnerability Management Tool for 2022. PeerSpot users give Rapid7 InsightVM an average rating of 8 out of 10.
PeerSpot user Bill Y., Director of Cyber Security (CISO) at a marketing services firm, explains, “Broad capabilities make this scanning solution able to cover a lot of ground. It is good and fits well with pretty much all of our use case needs. You can bring in and get online to do reports fairly quickly.”
An Owner at a tech services company states, “The solution understands and defends your network from vulnerabilities. I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps."
Kimeang S., Technical Consultant at Yip Intso, says, “The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at. The solution has an excellent feature that scans for vulnerabilities. It helps us avoid being affected by WannaCry or other malicious attacks of that nature. We're able to see more vulnerabilities before they become an issue due to the fact that it's so protective. It's great at helping us avoid malware or ransomware.”
