Readers vote on the best Vulnerability Management products in 2012: Network vulnerability assessment scanners, vulnerability risk management, reporting, remediation and compliance, patch management, vulnerability lifecycle management.
In this part:
Gold: QualysGuard Vulnerability Management, Qualys
QualysGuard Vulnerability Management (VM) took home the gold this year, winning high marks from readers for effectively and accurately identifying vulnerabilities in a timely manner. The cloud-based service also scored high marks for its scalability and vendor service and support. Readers also liked its comprehensive and flexible reports and reported that it was easy to install, configure and administer.
QualysGuard VM provides automated network auditing and vulnerability management, including network discovery and mapping, asset prioritization, vulnerability assessment reporting and remediation tracking. Since it is a Security as a Service, the product doesn't require deployment or management of infrastructure. It's no surprise then that readers reported that QualysGuard VM was easy to set up and manage.
The service features full remediation workflow capabilities with trouble tickets. QualysGuard VM's vulnerability reports that readers praised include data on severity levels, estimates on remediation times, impact on business and trend analysis. The service aims to reduce the time that security managers have to spend tracking down and fixing network vulnerabilities, giving them more time to work on other projects.
Expert's market reflection: "Vulnerability management has evolved, but at the same time, the playing field has shifted. Assessment and remediation have improved, but attackers have also turned to potentially richer opportunities such as Web and Java applications." --Scott Crawford, managing research director, Enterprise Management Associates
Silver: Tenable Nessus, Tenable Network Security
Readers awarded the silver to the Tenable Nessus vulnerability scanner, giving the product especially high scores for its ability to effectively and accurately identify vulnerabilities in a timely manner. Nessus also scored well for the breadth of applications and devices it covers. Readers say they get their money's worth with the product. Nessus features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, patch management integration, and vulnerability analysis.
Bronze: Symantec Altiris Client Management Suite, Symantec
Symantec Altiris Client Management Suite snagged the bronze with high ratings for effectively and accurately identifying vulnerabilities in a timely manner and its remediation/workflow features. Readers also give the product high scores in the area of scalability. The suite is designed to automate time-consuming work and reduce costs associated with deploying, patching and supporting client systems and software. Altiris Client Management Suite works across Windows, Mac, Linux and virtual desktop environments.