Vulnerability management tools in a nutshell

Capsule reviews of Critical Watch, eEye, Lumension, Qualys, McAfee and SAINT.

We tested six market-leading products and evaluated each for their vulnerability scanner results, reporting features, product manageability, workflow tools, and interoperability with other enterprise products. Here are capsule reviews of each product.

Critical Watch FusionVM Enterprise

We tested FusionVM in its software-as-a-service configuration, giving us a portal-based vulnerability analyzer with off-site and on-site scanner capability. (Critical Watch offers other packagings which are entirely on-site if needed.)

Do you know where your security holes are?

We found it nice to be able to quickly deploy scanners in virtual machines. Having the flexibility to scan from the inside or the outside also gives additional benefits. With strong feature sets focusing on delegated management and compliance, FusionVM has a clear emphasis on the compliance marketplace. We found the reporting to be a strong feature, and the built-in Web vulnerability testing features will be interesting to anyone who fears bugs in their externally facing Web sites.

FusionVM also has a direct link to TippingPoint IPS products, offering the ability to optimize IPS configurations based on real detected vulnerabilities and systems.

To continue reading this article register now

IT Salary Survey: The results are in