Nipper Studio: A new approach to security auditing
Developed by UK-based Titania Ltd., Nipper Studio is an interesting solution that takes a whole new approach towards security auditing. Wouldn’t it be great to be able to analyze the security of vital aspects of your network in just a couple of seconds? It may sound overly optimistic, but Nipper Studio aims to do just that.
A network is comprised of different devices, from switches and routers to firewalls and other security appliances. A number of problems can arise: they can be misconfigured, left unpatched or get maliciously modified.
Auditing these devices can take a toll on your budget, especially if you are using outside contractors for the job. Titania saw a market in this and their Nipper Studio aims to be a more cost effective, flexible, and better-fitting solution for this problem.
With a large number of plugins built in-house, Nipper Studio is powered by an intelligence engine that is fed with the the configuration file of a selected device. It then analyzes it and in a record time delivers a clear picture of potential problems.
The product itself is a standalone application that can run on a number of different systems – Windows, Mac OS X, as well as the most popular Linux distributions (CentOS, Fedora, OpenSUSE and Ubuntu). The installation is very straight forward. You need to visit the vendor’s homepage, choose the download file (depending on the OS, it varies from 7 to 69 MB) and grab your serial number/activation code combo.
I counted over 100 different devices that Nipper Studio can analyze and the list includes all the major appliances. For an actual list of currently supported devices, please go here. The administrator just needs to download the configuration file from one or more devices that need to be tested and open it in Nipper Studio.
Starting the analysis process by adding the configuration file.
The analysis setup procedure is packed with configuration options and the level of detail customization is impressive. In the security audit coverage screen, you can select the scope of the audit by (de)selecting specifics such as NAT, IDS/IPS settings, authentication details, network interfaces, etc.
Setting up the security audit scope.
The app lets you be as creative as possible when setting up different filters. There is even a section where you can decide whether to use Nipper Studio’s own rating system or CVSS v2 to optimize the analysis toward your actual target environment. When the setup is over, you just click the “Finish” button and within a couple of seconds, the report appears.
The quality of the report is top notch! Every alert or issue found is followed with a large chunk of information that helps you understand the problem and its potentially impact, and a set of recommendations to mitigate the issue. If you do any modifications on the device, you can just reboot it, get the latest configuration file and re-asses it with Nipper. In this case (XML exports needed) you can use the compare functionality to analyze the security status of the same device based on different scan time frames.
Security audit summary that opens up the report.
Besides XML, the reports can be exported into a number of different formats including HTML, PDF, CSV, and SQL. Needless to say, you can custom edit any of these export types to suite your needs. In the reporting module, I also liked the possibility of excluding some portions from the report or even adding your personal comments to any found issues. Any report can be customized with your company logo and details.
Nipper Studio is an extremely handy application that solves the problem of network auditing in a simple and cost-effective way, and should easily find its way into every security professional’s arsenal.