Vulnerability Management
Fast, proactive and around the clock. Establish vulnerability management that goes beyond CVE scans and patch management and close security gaps before they become a problem.
An attacker only needs to find one vulnerability – you, on the other hand, need to find them all. Scan your system for security vulnerabilities now

More than 10.000+ secured systems by hidden champions, SMEs and our partners.
Enginsight is the most comprehensive and simple security solution for all sizes of companies, Made in Germany.





With Enginsight you are always one step ahead
Only those who know their IT are able to react quickly and eliminate vulnerabilities before they can be exploited.

Always keep an eye on your IT environment, regardless of time and place. Work more effectively by centrally viewing all relevant information and enabling consistent monitoring of your IT landscape.

Make the security status of your IT transparent and act proactively before vulnerabilities become a problem. Save time every day – with automated workflows.

Keep your focusand know at any time which work really needs your attention– through valid knowledge of your construction sites in IT security.

QSil AG, quartz glass manufacturer
Identifying and closing gaps
Gain valid insights into potential security vulnerabilities and eliminate them before someone else can exploit them. With Enginsight, you know exactly what’s most important to you now.
Everything in view
Correct prioritization thanks to the view of the entire IT
Bring the vulnerabilities of your entire IT environment into one view. This way, you are always informed about the security status of all assets and know where the most urgent action is needed.
- Inform responsible persons
- Clear dashboard
- Risk assessment of each asset
Whitebox analyses
Highest quality data
Thanks to the agent installed directly on your servers and clients, you get 100% valid vulnerability assessments. With continuous monitoring for vulnerabilities, you are immediately informed about a changed security situation.
- Validation of the security vulnerabilities
- Permanent vulnerability monitoring
- Alarm on new security gaps
Proactive
Eliminate hazards
Respond adequately to threats at all times, apply patches directly from the platform or automate your update processes. Beyond the basics, Enginsight gives you configuration management and the attacker’s view.
- Import and automate updates
- Manage configurations
- Automated pentest
The more you know about your own IT landscape, the more secure you can make your systems sustainable. Vulnerability management is an important cornerstone here. However, IT security involves more than just CVE scans and patch management.
Technical details
Would you like to know a little more? Then you are exactly right here! Find out what Enginsight does for you in detail when it comes to vulnerability management in a completely automated way.
The Pulsar Agent installed on servers and clients enables detection and inventory of all installed software. The operating system libraries are examined as well as the files on the hard disk are scanned with the extended software monitoring in order to include non-regularly installed software in the inventory (e.g. portable apps, programs embedded in other applications, Java libraries).
The software inventory forms the best data basis for the actual vulnerability scan, the comparison of the installed software with known security vulnerabilities (Common Vulnerabilities and Exposures, or CVE for short). Thanks to the agent installation, 100% validity is guaranteed and false positives are excluded.
- Platform independent (Windows & Linux)
- Best database thanks to software inventory
- 100% valid results
- No false positives
Enginsight can also be used to scan network peripherals on which a Pulsar Agent cannot be installed for security vulnerabilities. Websites can also be monitored for vulnerabilities. For this purpose, a sensor is placed in the network (Hacktor) or Internet (Observer). Subsequently, entire networks can be scanned for vulnerabilities.
From the outside, the sensors examine the open ports and the web application for vulnerable software. By optionally storing access data (auth provider), operating systems and installed software can be retrieved, results expanded and validation improved.
- Scan networks for security vulnerabilities
- Websites and web portals
- Deposit auth providers for SNMP, WMI, SSH
The associated CVE identifier is given for all security vulnerabilities. The CVSS score (1 to 10) allows categorization by urgency. With a risk score for each asset, users can prioritize patch management by threat. An alarm immediately informs responsible persons about new security vulnerabilities. Further information on each vulnerability in the NIST database and additional sources on the Internet are linked, for example on possible exploits.
- CVSS-Score
- Risk score
- Urgency level
- Integration with alarm system
- Linking of further information
Jede von Enginsight detektierte CVE wird über die verfügbaren Meta-Informationen und unter Einbeziehung des Softwaretyps validiert. It then receives an assessment via the validity traffic light, which guarantees full transparency.
Most of the validation information is available to the vulnerability scan via the Pulsar Agent, so 100% validity is always guaranteed. All assets on which a Pulsar Agent can be installed should therefore be equipped with the software component.
- Validation based on meta information
- Validity traffic light
- 100% valid results for CVE scan with Pulsar Agent
To bring vulnerable software to a safe state, an update to the current version is usually sufficient. Enginsight’s Update Manager enables the targeted import of updates across multiple servers and clients. In addition, updates can be fully automated, and automatic updates can also be limited to security-related updates. The tag system allows convenient configuration even in large IT environments.
- Platform independent (Linux & Windows)
- Compatible with Windows Server Update Services (WSUS)
- Patching third-party Software on Linux systems
Next to insecure software, faulty configurations represent a second category of risk that you can effectively address with Enginsight’s configuration management. Use autofixes to correct configurations directly from the Enginsight platform.
The Security Technical Implementation Guides (STIGs) integrated for all common operating systems can be extended with your own guidelines. This also allows documentation requirements to be fulfilled effectively.
- Microsoft Windows 10
- Microsoft Server 2008/2012/2016/2021
- Canonical Ubuntu 16/18/20
- Red Hat Enterprise 6
- SUSE Linux Enterprise 12