Save or Share this Report

For Security & Risk Professionals

The Forrester Wave™: Vulnerability Management, Q2 2010

Qualys Leads; Rapid7, nCircle, McAfee, And Lumension Follow

July 15, 2010

Primary author headshot


Why Read This Report

In Forrester's 53-criteria evaluation of vulnerability management vendors, we found that the market is rife with mature products. Qualys led the pack because of its strong vulnerability assessment capability, forward-thinking strategy, and exceptional customer reviews. Rapid7, Lumension, McAfee, and nCircle are a notch down, but all turned in solid scores that landed them in the Leaders section. eEye Digital Security, Tenable Network Security, and Critical Watch are ranked as Strong Performers. These products may lack platform diversity, have slightly weaker application-level scanning capability, or do not support comprehensive policy compliance. However, all of the products we evaluated have mature vulnerability assessment functionality. Given this, IT security professionals should choose a vulnerability management product based on the more cutting-edge functionality, such as support for remediation and application-level scanning, rather than on traditional network and system vulnerability management functions.

Get Access

Already a Client?

Log in to read this document.

Become a Forrester Client

Customers are the new market-makers, reshaping industries and changing how businesses compete and win. Success depends on how well and how fast you respond. Forrester Research gives you insights and frameworks aligned to your role to shorten the time between a great idea and a great outcome, helping your teams win in the age of the customer. Contact us to learn more.

Purchase Report

This report is available for individual purchase ($2495 USD).


Tools And Templates

Best Practice Assessments

best practices icon
  • Evaluated Providers: Vendor Information And Selection Criteria

Models and Calculators

calculator icon
  • IT Security Professionals Are Responsible For Vulnerability Management

Table of Contents

  • Vulnerability Management Is A Core Function For IT Security
  • Vulnerability Management Vendor Evaluation Overview
  • Evaluated Vendors Render Mature Solutions
  • Vendor Profiles
  • Supplemental Material
  • Related Research Documents