getapp-logo

App comparison

Add up to 4 apps below to see how they compare. You can also use the "Compare" buttons while browsing.

Software categoriesBlog & researchAbout us

GetApp offers objective, independent research and verified user reviews. We may earn a referral fee when you visit a vendor through our links. 

Vulnerability Management Software - Page 2

Last updated: April 2026

1 filter applied

Features

Integrated with

Pricing model

Devices supported

Organization types

User rating

55 software options

Phoenix Security logo

Vulnerability management and orchestration platform

learn more
AppSec Phoenix helps organizations bring executives, developers and security on a unified platform.

Appsec Phoenix is a vulnerability management and orchestration platform that provides a single pane of glass across Cloud, Infrastructure, Application, Container Security

Read more about Phoenix Security

Users also considered
Invicti logo

Proof-based application security testing platform

learn more
Invicti is a web application and API security platform that provides proof-based vulnerability scanning with DAST, SAST, and ASPM capabilities. The platform discovers and tests websites, applications, and APIs while correlating security findings from multiple tools to prioritize real vulnerabilities. It integrates with CI/CD pipelines and offers AI-powered remediation guidance to help development teams address security issues efficiently.

Read more about Invicti

Users also considered
AWS Config logo

Configuration and vulnerability management software

learn more
AWS Config is a configuration and vulnerability management software that helps businesses manage continuous audits, operational troubleshooting, compliance monitoring, and more from within a unified platform. It allows staff members to automatically send updates of all configuration changes including resource updating, creation, and deletion.

Read more about AWS Config

Users also considered
HackerOne logo

Cybersecurity platform to identify and fix vulnerabilities

learn more
HackerOne is a web-based cybersecurity platform designed to help businesses across various industry verticals such as education, telecom, aviation, media, financial services, and more eliminate vulnerabilities by securing continuous development processes.

Read more about HackerOne

Users also considered
Snyk logo

Cloud-based security platform to track & fix vulnerabilities

learn more
Snyk is a cloud-based application security and testing platform, which helps enterprises discover and fix vulnerabilities across open source libraries, containers, or codes throughout the development process. Features include runtime monitoring, reporting, exploitability indicators, alerts, and prioritization.

Read more about Snyk

Users also considered
UpGuard logo

Cloud-based cybersecurity tool for vendor risk management.

learn more
UpGuard is a cloud-based risk and attack surface management platform that provides organizations visibility and control over their cyber risk. The solution provides a suite of features that enable security teams to identify, assess, and remediate risks across their entire vendor ecosystem and external attack surface.

Read more about UpGuard

Users also considered
Cobalt logo

(previously CrowdCurity) Pen Testing as a Service

learn more
Cobalt - previously CrowdCurity - is a modern application security platform that supports a complete find-to-fix workflow for all penetration testing and vulnerability assessments throughout an organization

Read more about Cobalt

Users also considered
Alert Logic MDR logo

Managed detection and response (MDR) platform

learn more
Alert Logic MDR is a managed detection and response platform that helps businesses identify, investigate, and eliminate active threats across networks, applications, and endpoint devices. Features include asset discovery, PCI scanning, behavior tracking, web log analytics & real-time reporting.

Read more about Alert Logic MDR

Users also considered
Techowlshield logo

"Defending Your Digital Domain Against the UNSEEN ENEMY"

learn more
TechOwl Shield offers a real-time, AI-powered view of your cybersecurity threats, helping you identify and prioritize vulnerabilities for around-the-clock data protection.

Read more about Techowlshield

Users also considered
Versio.io logo

CMDB, IT Asset Management, Governance, Security

learn more
Versio.io continuously and automatically detects and documents changes in businesses and IT landscapes. Data from third-party applications that companies use to run business processes, monitor the IT landscape and control IT service management can be seamlessly integrated.

Read more about Versio.io

Users also considered
CloudWize logo

Cloud security and compliance management solution

learn more
Get 360° cloud protection from architecture design to runtime. This agentless, drag-and-drop, no-code solution enables you to detect and fix cloud issues in minutes. Over 1000 rules running continuously on your cloud within minutes of onboarding.

Read more about CloudWize

Users also considered
Pentest-Tools.com logo

Discover what's possible. Prove what's real.

learn more
From vulnerability scans to proof, Pentest-Tools.com gives 2,000+ security teams in 119 countries the speed, accuracy, and coverage to confidently validate and mitigate risks across their infrastructure (network, cloud, web apps, APIs).

Read more about Pentest-Tools.com

Users also considered
Kiuwan logo

Secure your applications confidently with Kiuwan.

learn more
Kiuwan is an end-to-end application security platform supporting 30+ languages with SAST, SCA, & QA. Kiuwan integrates with IDEs for direct analysis, offers tailored reports, and meets NIST, CWE, & OWASP standards.

Manage open source components and secure your projects confidently with Kiuwan.

Read more about Kiuwan

Users also considered
Acunetix logo

Cloud-based and automated web application security solution

learn more
Acunetix (by Invicti) is a vulnerability management solution that scans your website, detects vulnerabilities like XSS or SQL Injection and offers remediation.

Read more about Acunetix

Users also considered
Mend logo

Open source security and licenses compliance

learn more
WhiteSource is the leading solution for agile open source security and management.
We help companies find and fix open source vulnerabilities, including prioritizing vulnerabilities based on vulnerability's effectiveness.

Read more about Mend

Users also considered
Conviso logo

Application Security Posture Management

learn more
The Conviso Platform is an Application Security Posture Management (ASPM) solution that centralizes the management of risks, vulnerabil

Read more about Conviso

Users also considered
Sonatype Lifecycle logo

OSS Application Security and Dependency Management Solution

learn more
Sonatype Lifecycle controls open source risk across the SDLC to help application security scale their operations to the speed of development.

Eliminate unnecessary work
Improve efficiency and speed
Enhance productivity

Read more about Sonatype Lifecycle

Users also considered
Hackuity logo
(0)

Risk-Based Vulnerability Management Cockpit

learn more
Hackuity is a comprehensive security solution that orchestrates and automates the vulnerability management process.

Read more about Hackuity

Users also considered
NorthStar logo
(0)

Risk-Based Vulnerability Management

learn more
NorthStar is a powerful, fully-integrated security platform that allows users to manage the information security risk of your organization in an automated, flexible and reliable way.

Read more about NorthStar

Users also considered
Informer logo
(0)

Discover your external attack surface in minutes

learn more
Our External Attack Surface Management platform combines asset discovery, vulnerability scanning and integrated penetration testing in one platform. Gain full visibility of your attack surface with detail asset inventory, actionable vulnerability insights complete with alerting and reporting tools.

Read more about Informer

Users also considered
Akto logo
(0)

API Security Platform for Modern Appsec teams

learn more
Akto is an industry-leading solution for API discovery, API security posture management, sensitive data exposure, API security testing.

Read more about Akto

Users also considered
Deepinfo Attack Surface Platform logo
(0)

Know your attack surface. Empower your security.

learn more
Deepinfo Attack Surface Platform discovers all your digital assets, monitors them 24/7, detects any issues, and notifies you quickly so you can take immediate action.

Read more about Deepinfo Attack Surface Platform

Users also considered
RIPS logo
(0)

Static code analysis tool for web application security

learn more
RIPS is a static code analysis solution that helps businesses of all sizes automate and manage security testing in Java & PHP applications, detect risks/threats and implement corrective actions. It enables users to maintain and monitor scores on configurations, security and quality of applications.

Read more about RIPS

Users also considered
ThreadFix logo
(0)

Vulnerability management & risk prioritization platform

learn more
ThreadFix is a vulnerability management solution designed to help businesses consolidate test results and prioritize risk decisions. Software development and server operation teams can export vulnerability data into defect tracking and ticketing systems to resolve discovered vulnerabilities.

Read more about ThreadFix

Users also considered
ThunderScan logo
(0)

SAST Application Security

learn more
ThunderScan by DefenseCode is a Static Application Security Testing (SAST) software that allows businesses to perform deep and extensive security analysis of various application source codes. ThunderScan can be integrated with existing CI/CD pipelines and DevOps environment, offering a platform that requires almost no user input, easy to use, and can be deployed during or after development.

Read more about ThunderScan

Users also considered