Vendor: Carson & SAINT
Price: $2,000 for an annual subscription for small businesses and consultants; $5,000 for a mid-level enterprise
Contact: carson-saint.com

Quick Read

Strengths:
SAINT’s impressive, flexible and scalable scanning capabilities set it apart from many others in this space. Security teams can schedule scans easily, configure them with a lot of occurrence flexibility, and then fine-tune them with advanced options.
Weakness:
Organizations with numerous assets may find the reporting less robust than others and the dated-looking interface is difficult to use.
Verdict:
Overall, SAINT Security Suite is a solid tool that has evolved nicely after many years of development. This is a particularly good option for those looking for an advanced environmental scanning tool.

Rating Breakdown

SC Labs Reviews

Reviews from our expert team

Features:
Rating: %s
Documentation:
Rating: %s
Value for Money:
Rating: %s
Performance:
Rating: %s
Support:
Rating: %s
Ease of Use:
Rating: %s
Rating: 4.75/5 4.75/5

Summary

Carson & SAINT has designed SAINT Security Suite to help security teams easily manage their data. With the SAINT Security Suite, companies now view vunerability management as a business problem and use professional services such as compliance support, gap assessments and others to address it. This single, fully integrated solution conducts active, passive and agent-based assessments while its extensive flexibility evaluates risk according to each business.

SAINT’s impressive, flexible and scalable scanning capabilities set it apart from many others in this space. SAINT has partnered with AWS, allowing its customers to take advantage of AWS’s efficient scanning. Should subscribers prefer, SAINT also offers a Windows scanning agent. Security teams can schedule scans easily, configure them with considerable occurrence flexibility and fine-tune them with advanced options.

Subscribers can customize the SAINT dashboard so that it detects and highlights only organization-specific vulnerabilities, giving businesses the freedom to classify and chart flaws according to their own risk assessment scales. SAINT does not issue vulnerability scores based solely on CVSS. The suite has its own list of known exploits and an engine that can filter data and draw special attention to those vulnerabilities that pose real risk.

A built-in tool can even evaluate personnel weaknesses within an organization, launching faux campaigns such as phishing scams to assess each employee’s susceptibility to attack. SAINT considers all vulnerability data within a pre-determined business context and tags assets with this context so that security teams no longer waste time trying to gain more information about harmless vulnerabilities.

Exportable reports can show filtered data in PDF, HTML, CSV or XML format. The platform contains several pre-built reporting templates that support various compliance frameworks. We found the reports flexible – we could customize them to include or exclude different elements. However, we had some trouble navigating the reporting section. We could not clearly determine which charts applied to the different types of displayed data.

Overall, SAINT Security Suite is a solid tool that has evolved nicely. Its business workflows and interoperation with other security tools give it a much better ROI than other security products do. However, organizations with numerous assets may find the reporting less robust than other solutions and its dated-looking interface difficult to use.

Pricing starts at $2,000 for an annual subscription for small businesses and consultants and $5,000 for a mid-level enterprise, including 24/5 phone and email support. Organizations also have 24/7 access to website support a knowledge base.

Tested by Tom Weil