Supported Vulnerability Scanners
Vulnerability data can be collected from several manufacturers and vendors of security products as shown in Table 1. If the scanner deployed in your network is not listed in this document, you can contact your sales representative to review support for your appliance.
Table 1: Supported Vulnerability Scanners
Vendor | Scanner name | Supported versions | Configuration name | Connection type |
|---|---|---|---|---|
Beyond Security | Automated Vulnerability Detection System (AVDS) | AVDS Management V12 (minor version 129) and above | Beyond Security AVDS Scanner | File import of vulnerability data with SFTP |
Digital Defense Inc | AVS | N/A | Digital Defense Inc AVS | HTTPS |
eEye Digital Security | eEye REM | REM V3.5.6 | eEye REM Scanner | SNMP trap listener |
eEye Retina CS | Retina CS V3.0 to V4.0 | Database queries over JDBC | ||
Generic | Axis | N/A | Axis Scanner | File import of vulnerability data with SFTP |
IBM | IBMAppScan Enterprise | V8.6 | IBMAppScan Scanner | IBM REST web service with HTTP or HTTPS |
IBM | InfoSphereGuardium | v9.0 and above | IBMGuardium SCAP Scanner | File import of vulnerability data with SFTP |
IBM | Bigfix | V8.2x to V9.5.2 | IBM BigFix Scanner | SOAP-based API with HTTP or HTTPS |
IBM | InfoSphereSiteProtector | V2.9.x | IBMSiteProtector Scanner | Database queries over JDBC |
IBM | Tivoli Endpoint Manager Now known as IBM BigFix | |||
Juniper Networks | NetScreen Security Manager (NSM) Profiler | 2007.1r2 | Juniper NSM Profiler Scanner | Database queries over JDBC |
2007.2r2 | ||||
2008.1r2 | ||||
2009r1.1 | ||||
2010.x | ||||
McAfee | Vulnerability Manager | V6.8 | McAfee Vulnerability Manager | SOAP-based API with HTTPS |
V7.0 | XML file import | |||
V7.5 | ||||
Microsoft | Microsoft System Center Configuration Manager (SCCM) | MicrosoftWindows | Microsoft SCCM | DCOM must be configured and enabled |
nCircle or Tripwire | IP360 | VnE Manager V6.5.2 to V6.8.28 | nCircle ip360 Scanner | File import of vulnerability data with SFTP |
netVigilance | SecureScout | V2.6 | SecureScout Scanner | Database queries over JDBC |
Open source | NMap | V3.7 to V6.0 | NMap Scanner | File import of vulnerability data over SFTP with SSH command execution |
Outpost24 | Outpost24 | HIAB V4.1 OutScan V4.1 | Outpost24 | API over HTTPS |
Positive Technologies | MaxPatrol | V8.24.4 and later | Positive Technologies MaxPatrol | SFTP or SMB Share |
Qualys | QualysGuard | V4.7 to V8.1 | Qualys Scanner | APIv2 over HTTPS |
Qualys | QualysGuard | V4.7 to V8.1 | Qualys Detection Scanner | API Host Detection List over HTTPS |
Rapid7 | NeXpose | V4.x to V6.5 | Rapid7 NeXpose Scanner | Remote Procedure Call (RPC) over HTTPS |
Local file import of XML file over SCP or SFTP to a local directory | ||||
Saint Corporation | Security Administrator's Integrated Network Tool (SAINT) | V7.4.x | Saint Scanner | File import of vulnerability data over SFTP with SSH command execution |
Tenable | SecurityCenter | V4 and V5 | Tenable SecurityCenter | JSON request over HTTPS |
Tenable | Nessus | Linux V4.0.2 to V4.4.x MicrosoftWindows V4.2 to V4.4.x | Nessus Scanner | File import over SFTP with SSH command execution |
Linux V4.2 to V5.x MicrosoftWindows V4.2 to V5.x | XML-RPC API over HTTPS | |||
Linux V6 Microsoft Windows V6 | JSON API |