SAINT is a commercial vulnerability assessment and penetration system. It was originally developed in the late 1990's as free UNIX tool based on the open source SATAN scanner. Later it went commercial and broadened into a whole suite of tools for vulnerability detection, exploitation, and asset management. It is available on multiple platforms, including appliances (SAINTbox) and cloud-hosted (SAINTcloud). Top competitors include Nessus, Nexpose, and QualysGuard.
For downloads and more information,
visit the SAINT Security Suite homepage.
SAINT is a very effective tool for collecting and managing vulnerability data. As an MSP, we use it to power data collection in our risk-based vulnerability management platform called TARA https://svtara.com/
The SAINT architecture supports diverse needs and includes capabilities for internal, external, and portable device scanning (via agent). The versatility has served us well from both a functionality and scale perspective.
We use Saint as a core part of our consulting business and have not found a scanner that works better for our use cases. Easy to deploy, excellent results, with minimal false positives. Everyone should use this.
What? SAINT is not only alive, but has become one of the premiere scanners on the market today! It is deployed around the globe and has thousands of users and millions of scans. We release a new version every quarter - Version 9.5 “Big Sky” is being released on February 26th! If you would like to participate in the release conference, let us know and we will get you an invite: https://www.saintcorporation.com/contact/
Gary Merry, CEO SAINT
Unlike Nexpose, and QualysGuard, SAINT runs on Linux and Mac OS X.
This is a misleading comment. Nexpose runs on Ubuntu, RHEL and Windows. Their appliance version is currently using Ubuntu 12.04, so I am not sure why this was said. The Qualys appliance is also using a linux OS.
The summary of SAINT makes the curious statement that "SAINT is one of the few scanner vendors that don't support [MS] Windows at all". I'd like to contribute a clarification to that: SAINT certainly does scan for Windows vulnerabilities, and in addition to the regular addition of MS Windows vulnerability checks, a SAINT update is generally available each month 24 to 36 hours after Microsoft releases its "Patch Tuesday" bulletins.
Perhaps the original statement was observing that the SAINT scanner itself doesn't come in a native-Windows version. In practice, that's rarely a limitation. Even if a network has no Linux, Mac OS X, or BSD hosts at all, SAINT can be run from a bootable USB memory stick or as a virtual machine within an MS Windows host. Folks who think of themselves as running "an all-Windows shop" are using SAINT all the time.
[Moderator note: We've updated the description text to clarify that we mean SAINT doesn't run on Windows. Cheers.]
Update: The latest version of SAINT is 7.11.4, released 2011 December 16. Maintenance versions including the latest vulnerability checks are generally released twice a week, while new feature versions are released approximately every two months.
As one of the SAINT developers, I'm not including a star-rating. :)