6 free network vulnerability scanners

These tools help automate the detection and remediation of vulnerabilities

Vulnerability scanners

Vulnerability scanners can help you automate security auditing and can play a crucial role in your IT security. They can scan your network and websites for up to thousands of different security risks, produce a prioritized list of those you should patch, describe the vulnerabilities, and give steps on how to remediate them. Some can even automate the patching process. While these tools can cost a fortune, there are free options as well. Here’s a thumbnail look at six of them.

OpenVAS

The Open Vulnerability Assessment System (OpenVAS) is a free network security scanner platform, with most components licensed under the GNU General Public License. The main component of OpenVAS is the security scanner. The OpenVAS Manager controls the scanner and provides the intelligence. The OpenVAS Administrator provides a command-line interface. The Greenbone Security Assistant offers a web-based GUI. OpenVAS isn’t the easiest or quickest scanner to install and use, but it’s one of the most feature-rich, broad IT security scanners that you can find for free. It scans for thousands of vulnerabilities and supports concurrent scan tasks and scheduled scans. However, it does require Linux, at least for the main component.

Retina CS Community

Retina CS Community provides vulnerability scanning and patching for Microsoft and common third-party applications, such as Adobe and Firefox. It also covers vulnerabilities within mobile devices, web apps, virtualized applications, servers, and private clouds. It looks for network vulnerabilities, configuration issues, and missing patches. Retina CS Community itself provides just the patching functionality, while Retina Network Community provides the vulnerability scanning and must be installed separately. Retina CS Community is a great free offering by a commercial vendor, providing scanning and patching for up to 256 IPs free and supporting a variety of assets.

Microsoft Baseline Security Analyzer (MBSA)

Microsoft Baseline Security Analyzer (MBSA) can perform local or remote scans on Windows desktops and servers, identifying missing service packs, security patches, and common security misconfigurations. MBSA is relatively straightforward to understand and use. You can select a single Windows machine to scan or an entire domain or IP address range. You can then choose what you want to scan for. Once the scan is complete you’ll find a separate report for each Windows machine scanned with an overall security classification and categorized details of the results. Although free and user-friendly, MBSA lacks scanning of advanced Windows settings, drivers, non-Microsoft software, and network-specific vulnerabilities. Nevertheless, it’s a great tool to help you find and minimize general security risks.

Nexpose Community Edition

Nexpose Community Edition can scan networks, operating systems, web apps, databases, and virtual environments. The Community Edition limits you to scanning up to 32 IPs at a time. Nexpose installs on Windows, Linux, or virtual machines and provides a web-based GUI through which you can create sites to define the IPs or URLs you’d like to scan, select the scanning preferences and schedule, and provide any necessary credentials for scanned assets. Once a site is scanned you’ll see a list of assets and vulnerabilities. You can also generate and export reports on a variety of aspects. Nexpose Community Edition is a solid, full-featured vulnerability scanner that’s easy to set up, but the 32 IP limit may make it impractical for larger networks.

SecureCheq

SecureCheq can perform local scans on Windows desktops and servers, identifying insecure advanced Windows settings. It concentrates on common configuration errors related to OS hardening, data protection, communication security, user account activity, and audit logging. The free version, however, is limited to scanning fewer than two dozen settings, about a quarter of what the full version supports. Although SecureCheq is easy to use and scans for advanced configuration settings, it misses some general Windows vulnerabilities and network-based threats. However, it complements the Microsoft Baseline Security Analyzer (MBSA) well: scan for basic threats with MBSA and then follow up with SecureCheq for advanced vulnerabilities.

Qualys FreeScan

Qualys FreeScan provides up to 10 free scans of URLs or IPs of Internet-facing or local servers or machines. You initially access it via their web portal and then download their virtual machine software if you are running scans on your internal network. Qualys FreeScan supports a few different scan types: vulnerability checks for hidden malware, SSL issues, and other network-related vulnerabilities. There are also scans for auditing web applications for vulnerabilities and for finding missing patches. Once a scan is complete you can view interactive reports by threat or by patch. Since Qualys FreeScan only provides 10 free scans, it’s not something you can use regularly. Consider using another solution for day-to-day use and periodically running Qualys FreeScan as a double-check.