The Open Vulnerability Assessment System (OpenVAS) scanner runs many network vulnerability tests (NVTs) against many target hosts and delivers the results. It uses a communication protocol to have client tools (graphical end-user or batched) connect to it, configure and execute a scan and finally receive the results for reporting. Tests are implemented in the form of plugins which need to be updated to cover recently identified security issues. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications. Additional components are: openvas-client to control the scanner, and openvas-manager and openvas-administrator to leverage OpenVAS to a comprehensive vulnerability management solution. OpenVAS is a fork of Nessus.
Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.
Tenable Nessus is a world-leader in active vulnerability scanners. It features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, and vulnerability analysis of your security posture. Nessus scanners may be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks. It is free of charge for personal use in a non-enterprise environment.