Hi @lmoore
This type of work in my opinion should be done by professionals. I would seek vulnerability assessment and penetration testing to be done by a third party who can then give you the assessment and recommendations for securing your environment.
Penetration testing takes time, effort and knowledge of what to look for. I don't think there is really software (in-full) that will help you other than a port scanner.
As an example, I see a list of "Powerful Penetration Testing Tools" listed at https://www.softwaretestinghelp.com/penetration-testing-tools/ but you need to be knowledgeable about what to do with it and what exploits are currently on the market. Most problems can be mitigated by ensuring you are patching your servers, but if you want a more full assessment, reach out to a professional group.
---------------------------------------
If this is helpful please accept answer.