Some vulnerability scanning tool providers recognize the key role managed IT service providers (MSPs) and managed IT security service providers (MSSPs) play for the many organizations with constrained IT resources. These vendors actively cultivate relationships with service providers, resellers, and other partners through marketing support, multi-tenant features, referral pricing, and more.
The following tools provide strong options to support vulnerability scanning and other capabilities and also offer options specifically for service providers:
|Deployment Options||Cloud-based||On-Prem||Appliance||Service Option|
|Carson & SAINT||Yes||Linux or Windows||Yes||Yes|
|RapidFire VulScan||Hyper-V or VMware Virtual Appliance||Hyper-V or VMware Virtual Appliance||N/A||N/A|
|Solarwinds Network Configuration Manager||Virtual appliance Windows Server 2012+, AWS or Azure marketplace||Windows Server 2012+||N/A||N/A|
|Syxsense Security Scanner||SaaS Platform||N/A||N/A||N/A|
Carson & SAINT
Developed in the 1990s as a free UNIX tool, the SAINT tool has evolved into a broad array of configurations and capabilities related to vulnerability management, incident response, compliance reporting, and penetration testing.
- MSP- and MSSP-tailored solutions for service providers
- Single user or multi-user options
- Scalability options for distributed scanners and secure tunneling
- Integrated AWS vulnerability scanning
- Finds, prioritizes, and manages vulnerabilities
- Scans network devices and cloud infrastructure
- Provides APIs for custom integration; existing integration for Continuum GRC, Splunk and more
- Also available as
- a rack-mountable or set-top box appliance (SAINTbox) for fast deployment
- a cloud-based solution (SAINTcloud) available directly or through AWS
- a consulting service
- Multiple capabilities: asset management, configuration monitoring, compliance reporting, incident response ticketing, vulnerability scanning, penetration testing, and social engineering
- Multiple configurations to meet a variety of needs (cloud-based, on-prem, appliance)
- Scans for vulnerabilities, misconfigurations, and malware exposure
- Integrated testing of vulnerabilities and misconfiguration with penetration testing
- Customers report constant updates to improve scanning and assessment capabilities
- Some customers complain of excessive false positives
- Not a specialized tool. If only vulnerability scanning is needed, the other features will overly complicate the process and the solution will seem bloated
Carson & SAINT does not list pricing on their website, but they have a form to obtain pricing information and register for a free trial. Customers online note annual licenses starting at $1,500/year/user and the AWS marketplace includes a price calculator for SAINT based upon cost/host/hour.
— Celerium (Dark Cubed)
RapidFire Tool’s VulScan product performs internal and external network vulnerabilities. This tool can be combined with their Network Detective Pro and Cyber Hawk tools to enable MSPs and MSSPs to deliver a broad range of IT and security services.
- Automate internal vulnerability scans
- Multiple scanners can be scheduled independently, but results consolidate to one dashboard
- Supports multiple clients with consolidated and individual dashboards and reports
- Automatically generate service tickets for discovered issues and vulnerabilities
- Multi-tenant dashboards
- Automated email alerting, filtered by desired IP ranges or severity
- Use custom scans for specific needs or quickly set up the scanner and use preset scans for “Low Impact,” “Standard,” and “Comprehensive”
- More thorough scans can be enabled using authenticated or credentialed scanning from internal endpoints
- External and internal vulnerability scanners enable MSPs and MSSPs to deliver vulnerability management and remediation services
- The brandable and customizable report generator enables MSPs and MSSPs to create branded reports or to help customers provide customer-branded compliance reports
- Service-provider-specific training resources
- Optional workflow to outsource alerts to RocketCyber SOC
- Partner white-label marketing materials
- For-pay onboarding can be too short for effective training
- Virtual appliance requires expertise to set up correctly
RapidFire Tools does not publish pricing, but instead requests that interested customers fill out a form for a quote. Customers have reported prices in the range of $500 per scanner for a multi-year commitment.
Solarwinds Network Configuration Manager
Solarwinds’ Network Configuration Manager provides a package of solutions for network compliance, network automation, network configuration backup, and vulnerability assessment. The tool also integrates with a family of other Solarwinds products to enable a spectrum of capabilities to manage, monitor and secure networks, systems, databases, and applications.
- Scans network devices for reported Common Vulnerabilities and Exposures (CVEs)
- Prevents unauthorized network configuration changes
- Audits network routers and switches for compliance
- Build and test configuration changes to run against targeted devices to accelerate updates to configurations, eliminate errors, and improve consistency
- Backed by the Transform, the Solarwinds partner program
- Part of a much larger family of tools
- Partner marketing support
- A bit bloated for those that only need a vulnerability scanner
- Can report a higher rate of false positives
- May not be suitable for complex IT environments with cloud, IoT, OT, and virtual assets
A license for Solarwinds’ network configuration manager starts at $1,738 with options for subscriptions and Perpetual Licensing. Perpetual licenses include support and updates for one year, but will continue to function at the end of a year. Subscriptions cost much less, but will cease to function once the subscription expires.
Syxsense Security Scanner
Syxsense’s cloud-based security scanner discovers endpoints in real time when they communicate over a monitored network. Syxsense provides MSP and MSSP tailored features to enable partnership growth such as no program fees, free training, free onboarding, dedicated channel teams, online deal registration, marketing collateral, joint marketing support, and options for monthly billing.
- Multi-tenant features to monitor and manage vulnerabilities for specific customer environments
- Single screen dashboard for all customers or customer specific
- Realtime device discovery
- Automated patch management
- Inventory history & audit logs
- Broad detection for misconfigurations, open vulnerabilities, open ports, antivirus status, disabled firewalls, etc.
- OS agnostic and captures Windows, macOS, iOS, Linux, and Android devices
- 10% referral commission or direct billing options
- Integrates with other Syxsense products for advanced systems management, patching, and endpoint protection
- Cloud-based and rapid to setup
- Easy to use
- Also includes configuration management, threat alerts, remote control, reboot management, and compliance reports
- Cannot scan devices blocked from the internet or strictly on-prem
- Some users complain of frozen remote access issues
- Primarily a patch management solution, other capabilities do not have the same performance capabilities
- Does not support all OS vulnerabilities equally; Linux and Apple not as well supported
Syxsense does not publish pricing, but will provide quotes. Security vulnerability scans and management become available with the Syxsense Secure product. Future features such as remediation, mobile device management (MDM), and SIEM data exports can be obtained by upgrading to Syxsense Enterprise.
Best MSP/MSSP Vulnerability Scanning Tool Criteria
Every organization needs vulnerability scanning performed, but many lack the internal resources to install, configure, and maintain vulnerability scanning tools, let alone perform the scans and act on them. For this article we focused on vulnerability scanners that emphasize an MSP/MSSP offering. Multi-tenant capabilities were also considered as a factor to make this list.
We excluded very capable vulnerability scanning tools such as open source tools and vendors that may have a more limited promotion of MSP/MSSP programs. For example:
- Invicti: application scanner focused on enterprise clients
- Fortra Digital Defense: service provider with enterprise-focused tools
- nmap: popular open source tool
- Manage Engine: SMB-focused tool
- OpenVAS: popular open source tool
- Qualys: Enterprise-focused tool
- Tenable: Enterprise-focused tool
Some vendors such as ConnectSecure and In-SOC provide vulnerability management solutions which encompass more than scanning; however, for the purpose of this article, we focused strictly on vulnerability scanning tools. Services such as Hacker Target or Hosted Scan host vulnerability scanning services that utilize open source tools; these solutions were also excluded because they are not tools.
Bottom Line: MSP & MSSP Vulnerability Scanning Tools
Managed services providers drive customer satisfaction and security through vulnerability scans. An MSP or MSSP that detects issues before an attacker can exploit them can save a fortune in future costs by avoiding a breach for the client.
Managing unpatchable vulnerabilities provides revenue generating opportunities for MSPs and MSSPs through IT architecture designs, additional tools, and services to monitor or control unpatchable vulnerabilities. However, to ensure profitable and stable deployments, MSPs and MSSPs should select tools with service-provider-tailored features, marketing programs, and support.
For more information on Vulnerability Scanning Options see:
- Best Vulnerability Scanner Tools
- 12 Top Vulnerability Management Tools for 2023
- 10 Best Open-Source Vulnerability Scanners for 2023
- Penetration Testing vs. Vulnerability Testing: An Important Difference