What are the best vulnerability scanning tools? Why?

165 views, 2 Comments
Head of Cyber Security in Manufacturing, 4 months ago
Please detail out the question, so it's clear what the focus is, for example:
- Endpoints
- Servers 
- Webservers
- Databases
- Applications
- Running Kubernetes
- Third Party Libraries
- etc

CIO in Education, 4 months ago
The best vulnerability scanning tools are the ones that organisations actively use to improve the security of their environments. What I mean by this is that not only are scans configured to run at a regular cadence, but that the results are being analysed and remediation efforts are put in place. I've seen regular instances of organisations running vulnerability assessments as a compliance checklist item, but rarely interacting with the findings to make security posture improvements. 

The scanning tool you choose will often be based on your org's appetite for a few things: (not an exhaustive list)
- budget (agent-based VAS is more expensive)
- IT overhead ("do I really need to install yet another agent?")
- does your organisation have automation to, for example, automatically log your VAS calls and have them assigned to a team for remediation? (logging VAS calls manually is extremely time-consuming and emailing scan results to engineers individually isn't effective)
- is someone taking responsibility for remediating underlying reasons for the prevalence of vulnerabilities in their organisation's environment? e.g. if the vulnerabilities point to poor patching cadence, has a proper patching programme been implemented so that VAS isn't being relied on to point out vulnerable applications/operating systems etc. 
