Hello community,
I am a Senior Engineer at a large financial services firm.
I am currently researching vulnerability management tools. Which tool would you recommend for vulnerability management in your infrastructure?
We are particularly concerned post the Apache log4j vulnerability that was identified last year. Although we already have a vulnerability management tool, we want to see what the other alternatives are.
Thank you for your help.
After sifting through all the different options to find the vulnerability management tool that would offer the highest level of value, I feel that Tenable Nessus is the solution that beats out its competitors. If I were asked to offer a recommendation, I would say that this is the best possible investment for those looking to acquire a vulnerability management solution.
I was drawn to Tenable Nessus by the benefits, sheer versatility, and powerful tools that it offers users. These features and tools include:
Intuitively designed tools and features. The solution is designed so that I can use it without taking a course to train me in how to utilize its various tools. I am able to easily configure security reports to fit my needs at any particular time. It comes with pre-built security templates that I can deploy quickly and painlessly to ensure that my development process remains absolutely secure. Additionally, I only need a few clicks to initiate scans of my system. Tenable Nessus also allows me to simply scale my security so that my needs are always being met.
Use case versatility. Tenability Nessus is capable of providing me with deep insights into practically any IT asset type that I could desire to examine. It is compatible with more than 47,000 unique asset types. These include things as diverse as network devices and small driver update utilities applications.
Vulnerability triage. Among the tools that Tenable Nessus offers is a vulnerability triage feature. It assigns ratings to my vulnerabilities so that I can make informed decisions when addressing my vulnerabilities.
If you are looking for Vulnerability Assessment for IT Infra, then you can evaluate Qualys or Tenable.io (Nessus).
Hello
I recommend you take a look at TANIUM.COM.
It's a fantastic solution (actually, this is a PLATFORM) in which you have some CORE modules and several modules (IT OPERATIONS & SECURITY) which can be deployed according to your needs.
TANIUM may search LOG4J in several LIBRARIES across your infrastructure. On the other hand, the standard VulnMgmt tool cannot reach deep down into these libraries to find LOG4J vulnerabilities.
All the Best!
Cheers
THONI SCOLA
from SUNLIT Technologies in BRAZIL