Free Vulnerability Scanners

Free Vulnerability Scanners

Vulnerability scanners help us in automatic security auditing and play a crucial part in our IT security. The advantages of these scanners are the ability to scan our network and websites up to thousands of different security risks, producing a prioritized list of things that should be patched, describe the vulnerabilities, and give steps on how to remediate them. Even more, the scanners can sometimes even automate the patching process. Unfortunately, the cost of vulnerability tools can sometimes be too expensive. Don’t worry, though! There are some tools that are pretty affordable or, even better, free.

As mentioned on, there are some vulnerability tools that are free and proven to work well:

–¬†¬†¬†¬†¬†¬†¬†¬†¬† OpenVas

The Open Vulnerability Assessment System (OpenVAS) is a free network security scanner platform, with most components licensed under the GNU General Public License (GNU GPL). The main component is available via several Linux packages or as a downloadable Virtual Appliance for testing/evaluation purposes. Thus, most components work only in Linux. Although the scanner itself does not work on Windows machines, they offer clients for Windows.

OpenVAS is not the easiest and quickest scanner to install and use, but it is one of the most feature-rich, broad IT security scanners that you can find for free. It scans for thousands of vulnerabilities, supports concurrent scan tasks, and scheduled scans. It also offers note and false positive management of the scan results.

–¬†¬†¬†¬†¬†¬†¬†¬†¬† Retina CS Community

Retina CS Community provides vulnerability scanning and patching for Microsoft and common third-party applications, such as Adobe and Firefox, for up to 256 IPs free. Plus it supports vulnerabilities within mobile devices, web applications, virtualized applications, servers, and private clouds. It installs on Windows Server 2008 or later, requires the .Net Framework 3.5 to be installed, IIS server enabled, and Microsoft SQL 2008 or later to be installed. Keep in mind, installation on Domain Controllers or Small Business Servers is not supported.

This tool is a great free offering by a commercial vendor, providing scanning and patching for up to 256 IPs free and supporting a variety of assets. However, some small businesses may find the system requirements too stringent, as it requires a Windows Server.

–¬†¬†¬†¬†¬†¬†¬†¬†¬† Microsoft Baseline Security Analyzer (MBSA)

This tool is relatively easy to use. It can perform local or remote scans on Windows desktops and servers, identifying any missing service packs, security patches, and common security misconfigurations.

Unfortunately, although free and user-friendly, MBSA lacks scanning of advanced Windows settings, drivers, non-Microsoft software, and network-specific vulnerabilities. Nevertheless, it’s a great tool to help us find and minimize general security risks.

–¬†¬†¬†¬†¬†¬†¬†¬†¬† Nexpose Community Edition

Nexpose Community Edition can scan networks, operating systems, web applications, databases, and virtual environments. The pitfall of the community edition is it is limited to 32 IPs scanning at the time. After that, upgraded version is needed.

Once a site is scanned we will be able to see a list of assets and vulnerabilities details including OS and software information and details and how to fix them. Optionally, it is also possible to set policies to define and track our desired compliance standards. Report generation feature is also available.

–¬†¬†¬†¬†¬†¬†¬†¬†¬† SecureCheq

This tool can perform local scans on Windows desktops and servers, identifying various insecure advanced Windows settings like defined by CIS, ISO or COBIT standards. It concentrates on common configuration errors related to OS hardening, data protection, communication security, user account activity and audit logging.

SecureCheq is simple, easy to use and user friendly. However, it misses some of the more general Windows vulnerabilities and network-based threats. For the free version, it is limited to scanning less than two dozen settings, about a quarter of what the full version supports.

–¬†¬†¬†¬†¬†¬†¬†¬†¬† Qualys FreeScan

The free version can be downloaded through their website and can be used to check vulnerabilities until 10 URLs. Qualys FreeScan supports a few different scan types; vulnerability checks for hidden malware, SSL issues, and other network-related vulnerabilities. OWASP is for auditing vulnerabilities of web applications. In the end, the report will be generated. This tool is usually used to check internal system.