Control and measure web application scans
NT OBJECTives announced NTOEnterprise 2.0 which enables organizations to plan, manage, control and measure web application scans and also assess and prioritize areas of greatest risk across the enterprise.
“With NTOEnterprise, security teams, developers and CSOs can quickly view and easily understand how their organization’s security is improving, or not, and more importantly, what they can do about it. They can prioritize threats and respond more rapidly to their key areas of vulnerability,” says Dan Kuykendall, CTO and co-founder of NT OBJECTives. “With our customers’ input, we were also able to design an incredibly useful customizable report and graphic generation engine in the new version as well.”
NTOEnterprise features a consolidated graphical view of the enterprise security posture across all enterprise applications, allowing security professionals to easily determine vulnerability and application behavior trends, along with the overall status of the application security program.
The new version includes data tagging capabilities that enable security teams to view applications by any user-defined criteria such as business unit, business risk, criticality, owner, location or any other grouping that can help security professionals organize applications. Security professionals now also have the ability to navigate scan plans and configurations through flexible search functionality based on domain names, scan times and custom tagging.
NTOEnterprise 2.0 enhancements include:
Enterprise scan management
The enhanced user interface improves users’ ability to initiate, schedule and configure application scans through. The consolidated interface enables users to quickly view in-progress, recent and scheduled scans. Scans can be scheduled to run at regular monthly or quarterly intervals to provide ongoing monitoring of application security issues.
Blackout management
Users have an improved ability to define when scans can’t happen and when they can with improved blackout functionality. Only administrators can define blackout periods and the defined blackouts trump scheduled scanning so users can feel confident that business operations won’t be impacted.
Asset tagging
New asset tags facilitate flexible custom reporting and a graphical view of the security posture across all enterprise applications. Organizations can define (customize) their own tags to view applications and vulnerabilities from different vantage points. Organizations can tag by location, team or business functionality such as which applications store credit card data or Personally Identifiable Information (PII). In addition, organizations can define trending data to show vulnerability trends over time.
Custom and graphical report generation
New custom report generators allow users to define filters to quickly find and analyze vulnerability information from their scans. The custom reports and charts provide fantastic presentation data for management.
Test management software integration
NTOEnterprise is now capable of creating tickets for each discovered vulnerability in popular issue management systems. Supported systems: RSA Archer, HP Quality Center and Atlassian’s JIRA.
Infrastructure and performance
NTOEnterprise’s back-end infrastructure has been enhanced to optimize user experience and performance. The new installation model enables organizations to implement tighter security controls to each component.