Nipper Enterprise is a web application using a set of containerized Nipper instances that scale up and automate the auditing of the configuration of every core network device, every day. This brings the power and accuracy of Nipper to the whole network and enables the continuous audit and compliance assessment against risk management frameworks, such as NIST 800-171 and CMMC that advanced cyber teams need.
- Accurately identify misconfigurations and interdependencies between core network settings
- Analyse the impact if an issue is exploited
- Understand how easy it is to exploit the issue
- Calculate how easy it is to remediate (with a time to fix)
- Determine the exact technical fix needed to remediate
Assess the risk in terms of both security and compliance.
- Accurate security snapshot of the entire core network
- Continuous monitoring for configuration drift / ZTA baselining
- Overlay security risk criticality findings onto RMF assessments
- Assure compliance for CDM, DISA RMF, NIST, CMMC and PCI
- Criticality ratings based on ease of exploitation and impact to network
- Security and compliance lenses
- Device specific remediation advice and command-line fixes
- Inform remediation workflows/POAMs to address critical risks, fast.
- Improve MTTD and MTTR
- Save thousands of labor years not investigating false positives
Integrations with trusted 2FA, Active Directory, PAM and IDAM providers ensure Nipper Enterprise can meet stringent operational security requirements.
Nipper Enterprise can ingest device configurations from pre-extracted configuration files within repositories, to assess the security and RMF compliance of the most secure networks in the world.
Risk Visualization, Prioritization & Exploration
Machine-readable JSON and syslog outputs enable integration with dynamic visualization, prioritization, enrichment and exploration SIEM and GRC tools.
Remediation Workflow Enhancement
Integrations with SOAR and ITSM platforms enable risk prioritized playbook- controlled remediation automation workflows to improve MTTR.
Flexible Device Labelling and Audit Scheduling
Devices can be labelled as required by, for example, network criticality, geographic location, manufacturer, device type, etc. Using labels then enables audit cadence scheduling flexibility based on network or device risk profiles.
Nipper Enterprise is a horizontally scalable, agentless web-based application, hosted on a VSphere platform or AWS VPC.
The solution is capable of directly connecting to network devices to access the configuration file (for continuous monitoring) or ingesting previously extracted configurations (for snapshots). The analysis performed is identical regardless of the configuration source. Risk findings are produced in a variety of formats, including JSON and syslog, enabling integration with existing SIEM, SOAR and ITSM SOC and NOC solutions.
Nipper Enterprise’s integrations with trusted Active Directory, 2FA, PAM and IDAM providers ensure it meets operational security requirements.