Key features of R&S®Vulnerability Manager

With R&S®Vulnerability Manager, proactively detect IT vulnerabilities to monitor your security posture and minimize your attack surface

Key features Vulnerability Manager

Full Scope

Scan your entire IT, including networks, OS (Windows/Unix), RDBMS, shares, Web apps, APIs and Web services.

Full Scope

All discovered vulnerabilities are classified by process (patch management, authentication...) and technology (OS, DB, Web) so the reports are assigned to the right operators for higher efficiency.

Multi-site Support

The Enterprise edition leverages deployable probes to match the needs of large companies with multiple sites.

Multi-site Support

Yet, all information are centralized in the master VM which manages remote probes, delegates inventory and scanning tasks while providing a unique repository of your vulnerabilities.


Scans are run automatically and can be scheduled in the background so users and performances are not impacted at all.


Periodic inventories discover assets and group them. Then, scans identify vulnerabilities in targeted groups or specific devices/websites and send reports to all stakeholders automatically.

Virtual Patching

Reduce your attack surface by adjusting the policy of your WAF based on a scan result while vulnerabilities are fixed.

Virtual Patching

Export the scans of your websites to R&S®Web Application Firewall to optimize its configuration until website vulnerabilities are permanently fixed in the source code.

Form Factor Choice

Choose the form factor (virtual machine, SaaS or USB key) that best matches your specific needs in vulnerability assessment.

Form Factor Choice

All three products can be used together and combined so the main VM acts as a central internal repository of your whole IT security posture data, integrating reports from the Cloud and Portable editions.

Data Privacy

Your vulnerability data remain in your control, inside your network. Even the Cloud Edition keeps no trace of your data.

Data Privacy

Whatever form factor is used to scan your infrastructure, all vulnerabilities (external and internal) are gathered at your place, inside your master VM. We do not keep any of your security information.


Reports on vulnerabilities and remediation tickets show both your current security posture and how it has improved over time.


Reports combine executive level, managerial and technical views, support customizable templates and show evolution (diff) over time. In 4 formats (PDF, XML, CSV, MHT) and multiple languages.

Optimal TCO

Easy setup, actionable reports and comprehensive testing make R&S®Vulnerability Manager an affordable, turnkey solution.

Optimal TCO

The price scales with your needs, whatever architecture and number of probes you choose to deploy, making a great ROI from the outset. Besides, inventorying your assets is unlimited and free!

Why choose R&S®Vulnerability Manager?

Discover why R&S®Vulnerability Manager is the right solution for you

  • Large security coverage

    Because you want a single all-in-one solution to manage the vulnerabilities of all your IT assets and technologies.

  • The product for your need

    Because you want to scan your external and internal security, including your remote sites and subsidiaries.

  • Immediate productivity

    Because you may not have dedicated expertise on vulnerability management, the product is very easy to manage.

  • DAST-WAF integration

    Because we master both technologies, the integration between scanner and WAF delivers effective virtual patching and more.

  • Unique reporting efficiency

    Because we provide template-based, actionable reports for executives, operational and technical stakeholders.

  • You keep your data!

    Because your security posture is critical information, you keep it and manage it internally, even offline if needed.

Form factors

Deploy Vulnerability Manager on a Virtual Machine, in the Cloud or on a USB Key


Enterprise Edition

The Enterprise Edition is available as a pre-installed virtual machine that runs on any hypervisor. This edition centrally manages remote probes for multi-sites support.


Cloud Edition

The Cloud Edition runs the vulnerability scanner in the Cloud to assess your outfacing security, for both websites and other services (VPN, etc). This edition doesn’t need any installation.


Cloud-based solution

Rohde & Schwarz Cybersecurity takes application security to the cloud and is delivering Vulnerability Manager on the Amazon Web Services marketplace, on Microsoft Azure and on many OpenStack platforms


Portable Edition

Deliver in the form of a bootable USB key, the Portable Edition lets auditors use the scanner to assess the security posture of any remote location. No installation require.

Customer references

What our customers are saying about R&S®Vulnerability Manager

Security is not there to forbid, but to protect and assist. With Vulnerability Manager we make it easier for us to assist security on servers and applications.
Jérôme Poggi

Additional resources

More information on Rohde & Schwarz Cybersecurity’s Vulnerability Manager solution


Datasheet DenyAll Vulnerability Manager

Sample report – Network scan

Audit Report VM

Sample report – App scan

Audit Report Vulnerability Manager

Technical documentation

DenyAll Detect Technical Documentation

Download R&S®Vulnerability Manager Datasheet