SAINT is a commercial vulnerability assessment and penetration system. It was originally developed in the late 1990's as free UNIX tool based on the open source SATAN scanner. Later it went commercial and broadened into a whole suite of tools for vulnerability detection, exploitation, and asset management. It is available on multiple platforms, including appliances (SAINTbox) and cloud-hosted (SAINTcloud). Top competitors include Nessus, Nexpose, and QualysGuard.
For downloads and more information,
visit the SAINT Security Suite homepage.
SAINT is a very effective tool for collecting and managing vulnerability data. As an MSP, we use it to power data collection in our risk-based vulnerability management platform called TARA https://svtara.com/
The SAINT architecture supports diverse needs and includes capabilities for internal, external, and portable device scanning (via agent). The versatility has served us well from both a functionality and scale perspective.
We use Saint as a core part of our consulting business and have not found a scanner that works better for our use cases. Easy to deploy, excellent results, with minimal false positives. Everyone should use this.
Although we update SAINT daily, our newest major release was in December (9.9).
SAINT continues to grow as a Vulnerability Scanner and Vulnerability Management tool. Visit us at: https://www.carson-saint.com/products/saint-security-suite/
What? SAINT is not only alive, but has become one of the premiere scanners on the market today! It is deployed around the globe and has thousands of users and millions of scans. We release a new version every quarter - Version 9.5 “Big Sky” is being released on February 26th! If you would like to participate in the release conference, let us know and we will get you an invite: https://www.saintcorporation.com/contact/
Gary Merry, CEO SAINT
no rating
Aug. 9, 2018
<a href="https://google.com.au">John</a>
Make SAINT GREAT AGAIN! This was a greate tool for it's age.
Unlike Nexpose, and QualysGuard, SAINT runs on Linux and Mac OS X.
This is a misleading comment. Nexpose runs on Ubuntu, RHEL and Windows. Their appliance version is currently using Ubuntu 12.04, so I am not sure why this was said. The Qualys appliance is also using a linux OS.
The summary of SAINT makes the curious statement that "SAINT is one of the few scanner vendors that don't support [MS] Windows at all". I'd like to contribute a clarification to that: SAINT certainly does scan for Windows vulnerabilities, and in addition to the regular addition of MS Windows vulnerability checks, a SAINT update is generally available each month 24 to 36 hours after Microsoft releases its "Patch Tuesday" bulletins.
Perhaps the original statement was observing that the SAINT scanner itself doesn't come in a native-Windows version. In practice, that's rarely a limitation. Even if a network has no Linux, Mac OS X, or BSD hosts at all, SAINT can be run from a bootable USB memory stick or as a virtual machine within an MS Windows host. Folks who think of themselves as running "an all-Windows shop" are using SAINT all the time.
[Moderator note: We've updated the description text to clarify that we mean SAINT doesn't run on Windows. Cheers.]
Update: The latest version of SAINT is 7.11.4, released 2011 December 16. Maintenance versions including the latest vulnerability checks are generally released twice a week, while new feature versions are released approximately every two months.
As one of the SAINT developers, I'm not including a star-rating. :)
Your comment
Along with your rating, you can use the comment form to post a review,
tutorial, tips and tricks, or anything else others will find useful.
If you develop this software (or work for the company), please don't rate it. You may leave a clarifying comment as long as you state your affiliation and don't specify a star rating (just leave it as “No rating”).
19
SAINT is a very effective tool for collecting and managing vulnerability data. As an MSP, we use it to power data collection in our risk-based vulnerability management platform called TARA https://svtara.com/
The SAINT architecture supports diverse needs and includes capabilities for internal, external, and portable device scanning (via agent). The versatility has served us well from both a functionality and scale perspective.
As somebody who has used vuln scanners for almost 20 years now, I can honestly say that SAINT is my preferred scanner.
The main reasons that I prefer SAINT is the ease of deployment, setup of scanning jobs and flexible reporting engine.
Would highly recommend anybody who hasn't tried it in a while to take it for a spin again.
We use Saint as a core part of our consulting business and have not found a scanner that works better for our use cases. Easy to deploy, excellent results, with minimal false positives. Everyone should use this.
Gary Merry - CEO SAINT Corporation.
Although we update SAINT daily, our newest major release was in December (9.9). SAINT continues to grow as a Vulnerability Scanner and Vulnerability Management tool. Visit us at: https://www.carson-saint.com/products/saint-security-suite/
What? SAINT is not only alive, but has become one of the premiere scanners on the market today! It is deployed around the globe and has thousands of users and millions of scans. We release a new version every quarter - Version 9.5 “Big Sky” is being released on February 26th! If you would like to participate in the release conference, let us know and we will get you an invite: https://www.saintcorporation.com/contact/ Gary Merry, CEO SAINT
Make SAINT GREAT AGAIN! This was a greate tool for it's age.
Used to use SAINT all the time however times have changed but for it's time it was a great tool.
This tool is still available?!! I'm trying to get this tool but I didnt get it
The new version of SAINT is SAINT 8. Just to add SAINT enterprise is perfect for multi tenant windows network architecture -
Unlike Nexpose, and QualysGuard, SAINT runs on Linux and Mac OS X.
This is a misleading comment. Nexpose runs on Ubuntu, RHEL and Windows. Their appliance version is currently using Ubuntu 12.04, so I am not sure why this was said. The Qualys appliance is also using a linux OS.
It was a nice tool derived from SATAN (like also SARA), I like it but I think NEssus and OpenVAS are better.
The summary of SAINT makes the curious statement that "SAINT is one of the few scanner vendors that don't support [MS] Windows at all". I'd like to contribute a clarification to that: SAINT certainly does scan for Windows vulnerabilities, and in addition to the regular addition of MS Windows vulnerability checks, a SAINT update is generally available each month 24 to 36 hours after Microsoft releases its "Patch Tuesday" bulletins.
Perhaps the original statement was observing that the SAINT scanner itself doesn't come in a native-Windows version. In practice, that's rarely a limitation. Even if a network has no Linux, Mac OS X, or BSD hosts at all, SAINT can be run from a bootable USB memory stick or as a virtual machine within an MS Windows host. Folks who think of themselves as running "an all-Windows shop" are using SAINT all the time.
[Moderator note: We've updated the description text to clarify that we mean SAINT doesn't run on Windows. Cheers.]
Update: The latest version of SAINT is 7.11.4, released 2011 December 16. Maintenance versions including the latest vulnerability checks are generally released twice a week, while new feature versions are released approximately every two months.
As one of the SAINT developers, I'm not including a star-rating. :)