All leading industry standards emphasize the importance of using various techniques and tools for vulnerability scanning to achieve sufficient coverage and depth. For example, CIS Control (v8) 7.5 states that organizations must perform both authenticated and unauthenticated vulnerability scans of internal enterprise assets on a quarterly – or more frequent – basis. Furthermore, they stress the importance of having a solution that can update its vulnerability database according to the latest publications.
Unauthenticated Vulnerability Scan | Authenticated Vulnerability Scan | |
---|---|---|
Endpoint systems | Tenable | Qualys | Rapid7 | Microsoft Defender for Endpoint | CrowdStrike | Tenable | Qualys | Rapid7 | McAfee Endpoint Security | CrowdStrike |
Applications | Netsparker | Acunetix | Tenable | Qualys | Rapid7 | Acunetix | Tenable | Qualys | Rapid7 |
Database systems | Tenable | Qualys | Rapid7 | Qualys | Imperva | IBM Guardium | McAfee Database Security |
Host systems | Tenable | Qualys | Rapid7 | Tenable | Qualys | Rapid7 |
Storage systems | Tenable | Qualys | Rapid7 | StorageGuard |
Backup systems | Tenable | Qualys | Rapid7 | StorageGuard |
It’s time to automate the secure configuration of your storage & backup systems.
Virtual Panel with Check Point, Qualys and Rapid7: Vulnerability Management 2025 Innovations – January 16
Register