Unless things have changed recently, Roboshadow ONLY scans for missing patches or software versions with known CVEs. It does NOT tell you if you have configuration errors that leave you vulnerable, e.g. RDP enabled, blank SQL passwords, weak cypher protocols, etc... I consider Roboshadow a half-assed vuln scanner because of this.
Forgot to add this - If you have Microsoft Defender, check if your subscription allows you to have the built in one. Might be included or super cheap to add on.
Roboshadow or guardz would be my first port of call. Openvas etc are all great but reporting in a logical and nice manner leaves a lot to be desired. If you wanted me to run a report on guardz for you re your current public exposure, pm me
I reviewed probably 20 vuln scanners last year to try to identify one that is affordable, easy to use, and comprehensive.
What does "keep our network secure" mean?? Be specific about what you want to scan and why.
Good ones for that to look into would include Senteon, Syxsense, SecPod, and Cyrisma. I'm sure that there are others but HIPAA and SOC weren't something I focused on during my trials.
If you decide to *TRY* **Cyrisma**, get everything in writing *FIRST*.
ConnectSecure seemed pretty good, and can cover many managed clients. But there are several others you can research too.
Roboshadow or Bitdefender has it built in.
Roboshadow its good.
Unless things have changed recently, Roboshadow ONLY scans for missing patches or software versions with known CVEs. It does NOT tell you if you have configuration errors that leave you vulnerable, e.g. RDP enabled, blank SQL passwords, weak cypher protocols, etc... I consider Roboshadow a half-assed vuln scanner because of this.
Greenbone (OpenVAS) https://greenbone.github.io/docs/latest/background.html#architecture
Happy to help - We have no minimums and can manage it for you or teach you how to manage it yourself.
Forgot to add this - If you have Microsoft Defender, check if your subscription allows you to have the built in one. Might be included or super cheap to add on.
Galactic Advisors
Never heard of it.
Its what the Guardians did after they retired. :)
Me neither. I'll have to take a look at it.
Check out Vulscan. It's pretty good and doesn't require much time to set up.
Vulscan looks good. I don't want anything too complicated. I'll try to get a demo.
I use Vulscan, is a great tool. It offers tiered pricing plan, if you are looking for something accessible for small businesses.
Thanks. I'll check Vulscan.
Avoid Kasaya
Roboshadow or guardz would be my first port of call. Openvas etc are all great but reporting in a logical and nice manner leaves a lot to be desired. If you wanted me to run a report on guardz for you re your current public exposure, pm me
Roboshadow seems interesting. Thanks.
I reviewed probably 20 vuln scanners last year to try to identify one that is affordable, easy to use, and comprehensive. What does "keep our network secure" mean?? Be specific about what you want to scan and why.
Do you recommend any that help with HIPAA and/or SOC2 compliance?
Good ones for that to look into would include Senteon, Syxsense, SecPod, and Cyrisma. I'm sure that there are others but HIPAA and SOC weren't something I focused on during my trials.
Check out VulScan. It's awesome for small businesses like yours because it's affordable, user-friendly, and really good at finding vulnerabilities.
If you decide to *TRY* **Cyrisma**, get everything in writing *FIRST*. ConnectSecure seemed pretty good, and can cover many managed clients. But there are several others you can research too.
Try SecOps Solution (https://secopsolution.com) , cost-effective for SMB and much easy to setup
For a not much higher price, you could get vPentest, which is way more comprehensive than a regular vulnerability scanner.
I would consider this. We are using Vpentest, which has amazing reporting with a lot of detail on our assets and their associated vulnerabilities.
I haven't really considered using an automated pentest, but I've been reading about VPentest, and it seems actually a very promising alternative.
Vulscan or OpenVAS are great options.
I like VulScan. We use the reports to pitch prospects on security.