cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
tim2
Newcomer II

Vulnerability Management Ingestion Tool

So I already have a vulnerability scanner where I can scan several thousand assets. 

I am using Nessus Pro. 

 

What I am looking for is a tool where I can aggregate and enrich  that data to produce:

  • reports
  • add asset owners,
  • classify assets,
  • add information about the assets like what application does this asset support, etc. 

 

I know Tenable has IO and SC but these tools don't seem to have all the flexibility I need for the price they want.  Does anyone have any suggestions besides spreadsheets?

2 Replies
ace52
Viewer II

Here's some options:
1. Tenable.io: I'm currently using this one. One issue I have is it holds onto old data from decommissioned servers for 90 days that's used to generate the risk score displayed in Lumin. So it would be better to have an option to report on real-time data.
2. Kenna Security: I used this one for a while and it was ok but it had syncing issues/delays sometimes that made the remediation process frustrating because it was reporting issues that had already been fixed and it took too long for the results to show in Kenna.
3. Vulcan.io: I'm currently evaluating this product. So far it's ok but new and has bugs in it.
tim2
Newcomer II

Im trying out a new tool called Nucleus VM, it seems to be promissing but still has alot of bugs in it