KEV-TICKERcves_ytd=28,720kev_total=1,289added_7d=+7[CISA KEV ↗]
// 15 scanners · verified 2026-06-26

Vulnerability scanner directory.
Filter by asset, deploy, price-band.

Live filterable scanner table. Per-asset list prices verified against vendor pages on the date stamped per row. Quote-only vendors carry partner-reported ranges, not inferred rates. No demo wall.

// direct-answer

What is a vulnerability scanner, in one paragraph?

A vulnerability scanner is software that probes networks, hosts, web apps, cloud configurations, container images, or source code for known CVEs and misconfigurations, then ranks the findings for remediation. In 2026 the field splits into network VM (Tenable, Qualys, Rapid7), cloud-native CNAPP (Wiz, Orca), web DAST (Invicti, Acunetix, Burp), code and container (Snyk, Trivy), and open-source (OpenVAS, ZAP, Nuclei).
// filter ::
asset
deployment
scan-type
compliance
price-band
license
Tenable Nessus Professional

Single-scanner on-prem workhorse. Per-scanner not per-asset.

verified 2026-06-25 · vendor page
networkwebcloud
self-hostedagent
AMBER
$4,790 / year (1 scanner, 1-year)
pci-asvsoc2hipaaiso27001free tier
Tenable Vulnerability Management (Tenable.io)

Per-asset SaaS replacement for Nessus at scale, plus WAS/EASM/CTEM modules.

verified 2026-06-25 · vendor page
networkwebcloudcontainer
saasagentagentlesshybrid
AMBER
$3,500 / year for 100 assets (~$35/asset/yr)
pci-asvfedrampsoc2hipaaiso27001free tier
Qualys VMDR

Cloud-native VMDR with TruRisk scoring; quote-only at enterprise scale.

verified 2026-06-25 · vendor page
networkwebcloudcontainer
saasagentagentless
QUOTE
Quote only; partner-reported ~$199 per asset per year
pci-asvfedrampsoc2hipaaiso27001free tier
Rapid7 InsightVM

Insight Agent + Live Dashboards + Remediation Projects; per-asset list tiers.

verified 2026-06-25 · vendor page
networkcloud
saasagenthybrid
AMBER
$1.75 per asset per month list (~$21/asset/yr) at higher tiers
pci-asvsoc2hipaaiso27001free tier
Wiz

Agentless CNAPP. Graph-based risk, big in cloud-native shops. Anchors on workloads not assets.

verified 2026-06-25 · vendor page
cloudcontainercode
saasagentless
QUOTE
Quote only; partner-reported $70k-$120k for ~500-workload mid-market estate
soc2fedramphipaaiso27001free tier
Orca Security

SideScanning agentless CNAPP. Often discounted aggressively against Wiz in head-to-heads.

verified 2026-06-25 · vendor page
cloudcontainercode
saasagentless
QUOTE
Quote only; partner-reported $50k-$100k for ~500-workload estate
soc2fedramphipaaiso27001free tier
Snyk

Per-developer SCA + SAST + Container + IaC. Free tier is genuinely usable.

verified 2026-06-25 · vendor page
codecontaineriac
saas
PHOSPHOR
Free up to caps; Team starts at $25/dev/mo
soc2iso27001hipaafree tier
Invicti

Enterprise DAST with Proof-Based Scanning to cut triage. Sibling brand to Acunetix.

verified 2026-06-25 · vendor page
web
saasself-hosted
QUOTE
Quote only; partner-reported ~$5,000 per app per year
pci-asvsoc2hipaaiso27001free tier
Acunetix

Mid-market DAST sibling to Invicti. Per-target pricing, AcuSensor IAST optional.

verified 2026-06-25 · vendor page
web
saasself-hosted
QUOTE
Quote only; partner-reported $4,500-$7,000 Standard for 5 targets
pci-asvsoc2hipaafree tier
Burp Suite Enterprise

PortSwigger's enterprise DAST. Out-of-band Collaborator detection. Published list pricing.

verified 2026-06-25 · vendor page
web
self-hostedsaas
SIGNAL
$8,395 / year (Starter, 1 concurrent scan, 5 apps)
pci-asvsoc2free tier
ManageEngine Vulnerability Manager Plus

Mid-market scanner + patch in one. Cheapest list pricing on the directory.

verified 2026-06-25 · vendor page
network
self-hostedsaasagent
PHOSPHOR
Professional $695 / year for 100 workstations
pci-asvsoc2hipaafree tier
HostedScan

Managed wrapper around OpenVAS / ZAP / Nuclei. Cheap entry point for solo founders.

verified 2026-06-25 · vendor page
networkweb
saas
PHOSPHOR
Free 5 targets; Pro $30/mo (10 targets); Business $250/mo
soc2free tier
Pentest-Tools.com

Pen-tester-flavoured scanner platform with report generator. Per-target monthly.

verified 2026-06-25 · vendor page
networkweb
saas
PHOSPHOR
Basic $95/mo (15 targets); Advanced $200/mo; Teams $475/mo
pci-asvsoc2free tier
OpenVAS / Greenbone Community Edition

Self-hosted GPL scanner. Real cost is admin hours and feed lag versus Nessus.

verified 2026-06-25 · vendor page
network
self-hosted
FREE / OSS
Free (self-hosted). Greenbone Enterprise appliances quote-only.
pci-asvfree tier
Trivy

De-facto open-source container / IaC / SBOM scanner. CI/CD minutes are the real cost.

verified 2026-06-25 · vendor page
containercodeiac
self-hosted
FREE / OSS
Free (Apache 2.0). Aqua Enterprise quote-only.
soc2free tier
[ 15 of 15 scanners shown ] · row prices verified against vendor pages on the date stamped above.
// below-fold: tco

Per-asset TCO ceiling

Anchored to published vendor list rates plus a 20 to 35 percent RFP discount window. Quote-only vendors carry the partner-reported midpoint and a wider band.

vendorlowmidhighbasis
Tenable.io$12.2k$18.8k$18.8k100-asset list anchor $35/asset/yr, 20-35% RFP discount window, plus WAS/EASM/CTEM module uplift if toggled.
Qualys VMDR$64.1k$106.8k$117.5kQuote only. Partner-reported ~$199/asset/yr midpoint, 40% RFP discount floor.
Rapid7 InsightVM$7.9k$11.3k$12.9kPer-asset list ~$1.75/asset/month at scale tier; 30% RFP discount floor.
Wiz$61.6k$79.2k$120.0kQuote only. Per-workload anchor (~$140-$240/workload/yr partner-reported), with $50-$120k mid-market floor.
Snyk (Team)$3.5k$3.9k$4.5k$25/dev/month published Team tier. Dev count proxied as max(5, webApps + 5).
Open-source baseline (OpenVAS + Trivy + ZAP)$15.6k$22.2k$31.1kAdmin hours/month scaled with asset count, loaded hourly rate, plus ~$2,400/yr infra estimate.
// numbers are annual ceilings, USD
// next
// wizard

Shortlist wizard

Four questions to a three-tool shortlist. No email, no demo.

// free tiers

Free-tier matrix

What you can actually do in each free tier. Real caps, not marketing.

// kev context

CVE / KEV context

Counters and the week's KEV additions. Backed by CISA + NVD + EPSS.

FAQ

  • What is a vulnerability scanner?
    A vulnerability scanner is software that probes networks, hosts, web applications, cloud configurations, container images, or source code for known security weaknesses (CVEs) and configuration drift, then ranks the findings by severity for remediation.
  • Which vulnerability scanner is best in 2026?
    There is no single best scanner. For network VM, Tenable.io, Qualys VMDR, and Rapid7 InsightVM lead. For cloud-native, Wiz and Orca dominate. For web apps, Invicti, Acunetix, and Burp Suite Enterprise. For code and containers, Snyk and Trivy.
  • Is there a free vulnerability scanner?
    Yes. Nessus Essentials is free up to 16 IPs. OpenVAS / Greenbone Community Edition is fully free self-hosted. Trivy is Apache 2.0 for containers, IaC, and SBOMs. Snyk has a free tier with usable monthly caps.
  • What does a vulnerability scanner cost?
    Network VM list prices land between $21 and $199 per asset per year depending on vendor. Cloud-native scanners like Wiz and Orca are quote-only, typically $50k to $120k per year at mid-market scale. Snyk anchors at $25 per developer per month.
  • How often should I run vulnerability scans?
    PCI DSS requires quarterly external ASV scans plus internal scans after significant change. SOC 2 expects continuous or at least monthly scanning. HIPAA defers to risk analysis but auditors increasingly expect weekly or continuous coverage.
Sources cited: [CISA KEV ↗] [NIST NVD ↗] [FIRST EPSS ↗] [Tenable ↗] [Rapid7 ↗]