Vulnerability Management

Multiplatform endpoint security with detection and response capabilities

OWASP Project for making vulnerability management easier.

Facilitating exchange of information and knowledge to collectively protect against cyberattacks.

A container compliance and vulnerability assessment tool that uses OpenSCAP to scan Docker images and running containers for security vulnerabilities and compliance violations.

Threat intelligence and digital risk protection platform

Check for known vulnerabilities in your Node.js installation.

ZeusCloud is an open source cloud security platform that discovers AWS assets, identifies attack paths, and provides remediation guidance with customizable compliance controls.

A HackerOne-managed bug bounty program dedicated to identifying and fixing security vulnerabilities in the Node.js ecosystem.

The CVE Program catalogs publicly disclosed cybersecurity vulnerabilities.

CSET is a free Windows-based tool that helps organizations identify cybersecurity vulnerabilities in enterprise and industrial control systems using hybrid risk and standards-based assessment approaches.

A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.

A comprehensive reference guide covering Nessus vulnerability scanner configuration, management, API usage, and best practices.

Unified cybersecurity platform with XDR, EDR, PAM, email security, and compliance

CyberOwl aggregates and summarizes daily security advisories from multiple CERT organizations and threat intelligence sources into consolidated reports.

XDR platform with EDR, NGAV, MDR, threat hunting, and incident response

Mana Security is a macOS-focused vulnerability management tool that continuously monitors 100+ applications for security vulnerabilities and tracks patching performance against community benchmarks.

ThreatNote is a threat intelligence platform that provides real-time updates on emerging cybersecurity threats, vulnerabilities, and attack vectors to help organizations enhance their security posture.

All-in-one vulnerability intelligence platform for prioritizing remediation efforts and driving security strategies.

MetaHub is an open-source vulnerability management tool that provides impact-contextual analysis of security findings in AWS environments through automated contextualization, ownership identification, and prioritization scoring.

An open-source tool that automates the detection and analysis of DLL hijacking vulnerabilities in Windows applications, providing detailed reports and remediation guidance.

CVE Ape is an open source tool that creates a local CVE database from the National Vulnerability Database for offline vulnerability searching by package name, vendor, or OS components.

A vulnerability assessment and management tool that uses patented technology to accurately identify vulnerabilities and prioritize them by risk.

A comprehensive repository providing guidance and remediation strategies for hardware and firmware security vulnerabilities including side-channel attacks, microcode issues, and UEFI hardening.

List of publicly disclosed vulnerabilities with security filters and detailed advisories.