Vulnerability Scanner
Nmap and CVE scanning — built in, no extra tool
What it does
AlertMonitor includes integrated vulnerability scanning using industry-standard Nmap discovery combined with CVE database matching. Open ports, unpatched services, and network misconfigurations are identified across endpoints and network devices automatically. No separate vulnerability management vendor is required — scanning is part of your AlertMonitor subscription.
One tool, not three: Most MSPs run separate RMM, vulnerability scanner, and patch management tools. AlertMonitor unifies scanning, patching, and remediation tracking — the same team that finds the vulnerability tracks it through to closure.
Capabilities
- Nmap-based host and service discovery across all monitored network segments
- CVE matching against discovered service versions from the National Vulnerability Database
- CVSS-scored findings with exploitability ratings and patch availability status
- Endpoint software inventory with vulnerable version flagging
- Network device firmware version tracking against known CVE exposure
- Scan scheduling with configurable windows to avoid business hour disruption
- Findings integrated with the alert stream — critical CVEs generate prioritized analyst alerts
How it works
Vulnerability scans run from the AlertMonitor sensor inside your network using Nmap with OS detection and service version probing. Service banner data is cross-referenced against the NVD CVE database and vendor-specific advisories. Findings are de-duplicated across scan cycles to surface only new or changed vulnerabilities. Integration with patch management data identifies known-vulnerable software on endpoints alongside the network scan results.