Vulnerability management tools: Summary/Fast track

Vulnerability management assessment is an important aspect of network security assessments. This summary wraps up vulnerability management tools and also provides a Fast track from Syngress, condensing the contents of the book chapter into an easy guide.


In Chapter 7, we discussed the methodology behind vulnerability management. In this chapter, we discussed the features an ideal vulnerability management tool would have, although we know and understand why such a tool doesn't exist. However, as we discussed, some vendors are getting close to delivering complete solutions in this comparatively new discipline in information security.

Download this chapter
Want the full chapter? Download the .pdf, reprinted from Network Security Assessment by Manzuik, Gold and Gatford with permission from Syngress, a division of Elsevier. Copyright 2007.

We briefly discussed some of the players, but gave no suggestions regarding the pros and cons of the tools because there is no one tool that fits all the requirements of an organization. Although the open source community has a wealth of great tools available, there isn't one tool that supports all of the facets of vulnerability management; rather, there are bits and pieces scattered among many authors.

To close out the chapter, we discussed some of the pros and cons of leveraging an outsourcer to manage parts of a vulnerability management program. It's conceivable, and many organizations do it, but it's imperative to put in place some serious guidelines and detailed service-level agreements beforehand to ensure that no one becomes disappointed with the delivery of the service.

Solutions Fast Track

The Perfect Tool in a Perfect World

  • The perfect vulnerability management tool would include asset management, vulnerability assessment, configuration management, patch management, remediation, reporting, and monitoring capabilities.
  • All of these components interoperate, pushing and pulling data as each task is performed.

Evaluating Vulnerability Management Tools

  • No one vendor has a solution or set of technologies that completely addresses all aspects of the vulnerability management life cycle.
  • Several key questions can assist you in evaluating vulnerability management tools and, hopefully, in identifying gaps in terms of capabilities.

The following Frequently Asked Questions, answered by the authors of this book, are designed to both measure your understanding of the concepts presented in this chapter and to assist you with real-life implementation of these concepts. To have your questions about this chapter answered by the author, browse to and click on the "Ask the Author" form.

Q: How do I decide which tool to use?
A: Demo the technology first. Most vendors provide trial-ware offerings of their products. Even if it's an appliance-based solution, most vendors are usually willing to provide you with a loaner unit. Managed vulnerability providers also allow for interactive demonstrations.

Q: Should I seriously consider an open source solution?
A: That depends on your aversion to technology. If you're looking for creative technologies and novel intellectual property, and you are seeking to fill a gap within your vulnerability management program, you should definitely consider open source. If your organization is taking the creation of a vulnerability management program seriously (i.e., you have a budget), you should look into a combination of commercial tools and open source tools.

Commercial Vulnerability Management Tools

  • The vulnerability management market is changing frequently due to mergers, acquisitions, and alliances. Numerous vendors provide tools in this space, so you must identify your needs prior to evaluating technologies.

Open Source and Free Vulnerability Management Tools

  • The open source community has created some great security tools.
  • No one tool provides a complete vulnerability management solution.
  • It may not require much effort to create interoperability between open source vulnerability management tools.

Managed Vulnerability Services

  • Set some serious guidelines and detailed service-level agreements to ensure that no one becomes disappointed with the delivery of a service.
  • Before selecting a vendor, confirm which products the vendor is using and how the information is distributed to interested parties.
  • Ensure that you have access to the raw data.
