One way you can protect yourself from a variety of web-based security threats is to equip Zoho’s web risk-driven security scanner called ManageEngine Vulnerability Manager Plus (opens in new tab) – well, that was a mouthful, let’s call it Vulnerability Manager Plus from now on.
Aiming to cover all businesses, regardless of budget, Zoho’s “beautiful software” is here to solve “business problems” with multiple layers of products, including a freemium edition that you can try right away – it’s a full-featured fit for small and medium-sized enterprises (SMEs).
Zoho Corporation, formerly known as AdventNet, is an India-based, multinational technology company, providing SMBs with a variety of web-based, business-centric tools for over two decades.
Famous for its Zoho Office Suite, the company announced that it had over 80 million users by July 2022, which is nothing short of impressive.
Zohos is headquartered in Chennai, India, and Zohos’ offices are spread across nine countries around the world, including the US, Netherlands, Japan, China, Singapore, Brazil, South Africa, Australia, UAE, and Saudi -Arabia.
The official site of Vulnerability Manager Plus looks fresh and feels easy to use – it’s also available in multiple languages and offers a lot of information about the software itself, which we always like to see.
If you’re a fan of social media sites, you can find Vulnerability Manager Plus on Facebook, Twitter, Instagram, LinkedIn, and YouTube – there you’ll also find lots of videos on various security-related topics.
Subscriptions and prices
Vulnerability Manager Plus comes in three forms: a “free edition” suitable for SMBs and suitable for up to 25 computers; a “Professional” subscription best for mission-critical businesses and computers in LAN; and an “Enterprise” plan aimed at enterprises and enterprise-level computers in WAN.
As suggested, “Free Edition” is completely free, but it comes with an attractive set of features such as advanced scanning and vulnerability assessment, detection of risky software, zero-day vulnerability (opens in new tab) detection and mitigation, and much more.
The “Professional” plan will cost you $695 per year and if you want to use the “Enterprise” plan, it will cost you $1195 for a year. All plans are billed on an annual or perpetual basis, so if you were hoping to pay for just one month and see how it works for you, you’re out of luck.
Thankfully, all paid plans are backed by a 30-day free trial and come with full features, meaning you can try everything out for yourself before spending a dime.
These subscriptions can be purchased with all major credit/debit cards.
Features and functionality
Vulnerability Manager Plus scans all your systems at regular intervals and assesses critical security configurations and software within your network for vulnerabilities and security threats. Data collected from these scans is used to identify the real threats hunting within endpoints.
Once a risk is identified, Vulnerability Manager Plus will alert the administrator and present solutions ready for deployment in the target system. Vulnerability assessment allows administrators to prioritize certain vulnerabilities (opens in new tab)so they know which to treat first.
In addition to a risk-based vulnerability assessment, Vulnerability Manager Plus provides some excellent features such as detection and removal of high-risk software, detection and resolution of server misconfigurations, missing patch detection, automatic patch deployment for more than 300 third-party apps, and zero-day vulnerability detection and migrations.
And if you need security advice, Vulnerability Manager Plus gives you recommendations on how to set up your web servers safely and securely. Also expect to get tons of reports with this rather rigorous web security scanner.
As for supported operating systems (OS’), Vulnerability Manager Plus works great with most versions of Windows, Linux, Mac, iOS and Android.
Interface and ease of use
To get Vulnerability Manager Plus, go to the landing page of the official site and click on one of the bright red “Download” buttons which will take you to the page where you can finally download the software. (opens in new tab) – it should not take longer than a few minutes.
As soon as you start the download, you will be asked if you want to attend a free personalized demo and free training or if you want to subscribe to a newsletter where you will receive news about the products, updates, promotions and some useful tips and tricks.
When the Vulnerability Manager Plus installation is complete, you can proceed to your dashboard – although it may seem a bit complicated at first glance, it is surprisingly easy to understand and use.
By color-coding all detected vulnerabilities, the dashboard helps you understand which of these vulnerabilities need to be addressed without further delay (and which can wait a while).
There you can also enjoy an extensive and very effective use of charts that make it easy to understand everything that is happening in your dashboard. The Threats section allows you to manage your software and zero-day vulnerabilities, system configurations, high-risk software, web server misconfigurations, and even active ports in your network systems.
Vulnerability Manager Plus also offers a well-stocked library of executive reports, detailed report templates, and custom query reports that support a variety of file formats – PDF, XLSX, and CSV to name a few. You can choose between generating reports on demand and scheduling them to be sent to your team with a single click on your dashboard.
It’s also worth noting that Vulnerability Manager Plus is currently available in 17 languages in addition to English.
Customer service
If you sign up to ManageEngine by entering your name, business email, phone number, company name and the name of the country you live in, you can take advantage of their technical team and this is available via phone, live chat and email mail.
The best part about it is that it’s offered to all licensed users (even those with freebies) – the worst part is that it’s practically notorious for being painfully slow.
You can also visit the documentation page where you will find plenty of easy-to-follow instructions, some of which are supported with screenshots or video tutorials.
Contest
As the name suggests, OpenVAS is open source software, but also an all-in-one vulnerability scanner with impressive scan coverage. Like most freeware, it’s completely free and backed by a dedicated developer community, something you won’t find with Vulnerability Manager Plus.
On the other hand, OpenVAS is not as beginner-friendly as Vulnerability Manager Plus as it requires some technical know-how. Plus, the dashboard looks insanely outdated.
Probely is another great alternative to Vulnerability Manager Plus and it’s aimed at security teams and software developers – so if you fall into these categories, you should definitely check them out. On the other hand, if you like free stuff, Probely’s free plan is painfully simple – you get a lot more with the freemium edition of Vulnerability Manager Plus.
If you strive for simplicity, Sucuri Sitecheck is probably the perfect choice for you. It’s one of the simplest web scanners we’ve seen and that’s both its strength and its weakness.
final verdict
While Vulnerability Manager Plus is impressively intuitive and easy to use, it is best suited for businesses of all sizes and for professional use in general.
However, if you don’t fit into this category and still want to check out Vulnerability Manager Plus for yourself, the full freemium edition allows you to do so without risking your budget.
