This site uses cookies for managing your session and website analytics purposes. Allow Cookies

VulnIQ Security Scanner, terzi

VulnIQ security scanner is one of the key components of the VulnIQ solution, available for no additional cost. terzi can collect system information and run authenticated vulnerability scans and security analysis on endpoints.

How it works

terzi utilizes data from VulnIQ engine, by using VulnIQ engine APIs, to quickly and accurately report vulnerabilities.

  1. Collects list of installed software
  2. Uses VulnIQ APIs to determine vulnerabilities affecting each software based on version information
  3. Uses VulnIQ APIs to determine data that can be used to verify vulnerabilities
  4. Executes verification actions, for example executes OVAL definitions to verify vulnerabilities
  5. Determines vulnerabilities with high accuracy, does not rely on version numbers only
  6. Optionally pushes collected data to your VulnIQ server so that you can view and manage assets, inventories and vulnerabilities using VulnIQ Vulnerability Manager

Modes of operation

Command line tool

You can run terzi from the command line to collect system information, get a list of vulnerabilities affecting the system, execute an OVAL definition or an individual test. terzi is built for scripting. You can run it from a script or a cron job.


You can run terzi in agent mode to continuously collect data and push collected data to a central VulnIQ server.


Most open source "vulnerability scanners" download data such as NVD feeds, vendor feeds etc to endpoints. They download and process data on endpoints to build their database.
terzi does not download unnecessary data to endpoints. It uses VulnIQ engine APIs to fetch only the necessary data. Therefore terzi instances are lightweight and can be installed and run easily.
Container Support

terzi supports collecting data from running docker containers without installing anything in the containers themselves. Just run it on the host machine and pass the container name.
If you have 20 containers running on a host, you can scan all of them by running terzi on the host.

terzi does not solely rely on version numbers to report vulnerabilities, it includes a fully featured OVAL (Open Vulnerability and Assessment Language) interpreter and executes OVAL definitions to report security issues with high accuracy.
Many vendors such as Red Hat, Debian, Canonical, publish OVAL definitions which can be used to determine vulnerabilities with high accuracy. Using vendor supplied OVAL definitions, you can get accurate scan results for no additional cost.
For more information see VulnIQ Open Vulnerability and Assessment Language implementation .

Versions and Pricing

VulnIQ security scanner, terzi, is included in the default VulnIQ bundle for all VulnIQ customers at no additional cost. All customers have access to the same fully featured version.
Aren't you also tired of complex license and pricing plans designed to charge you more?
Contact us at