Manage your network risks with Nipper our accurate firewall and network configuration audit tool

Nipper discovers vulnerabilities in firewalls, switches and routers, automatically prioritizing risks to your organization. Our virtual modelling reduces false positives and identifies exact fixes to help you stay secure.

Audits: Firewalls | Switches | Routers

Get a free trial >

Trusted by

Features & Benefits

Audit every device accurately, every time

Analyzing the configurations and interactions of your network infrastructure with the expertize of a skilled penetration tester – Nipper’s unrivaled accuracy can save Network Administrators up to 3 hours per audit, per device. Instead of spending time investigating false positives of non-compliance, Nipper enables you to dedicate your valuable resources to analyzing and prioritizing fixes by providing:

Visibility of actual network vulnerabilities including existing false-negatives
Significantly fewer false-positives to investigate
Automated risk prioritization
Precise remediation with exact technical fixes
Flexible, configurable easy to read reports

Accurate reporting

Easy to read reports written in plain English
Machine consumable outputs for autonomous mitigation

Scheduling and integration

Audit scheduling (with re-audit function)
Inbuilt redaction
SIEM integration

Customized auditing

Device configuration audit
Security audit
Vulnerability audit
Compliance audits

Risk prioritization

Mitigation classification table
Customizable CVSS rating

Remediation advice

Exact technical fixes
Typical 'time to fix'

Supported Devices

For specific details on Nipper's support for vendor's products, models and versions, please either or request a trial.

Cisco

Fortinet

Palo Alto Networks

Check Point

3COM

Alteon Networks

Barracuda

Bay Networks

Blue Coat

Brocade

Crossbeam

CyberGuard

Dell

Extreme Networks

Foundry Networks

Forcepoint

Global Technology Associates

H3C

HP ProCurve Network

Huawei

IBM

Juniper Networks

McAfee

Microsoft

Netfilter

NETGEAR

Nokia

Nortel

Ruggedcom

Secure Computing

SonicWALL

Sophos

Watchguard

System Requirements

Below are the basic system requirements needed to operate Nipper

Microsoft Windows 7 or above (Server 2012 or above)

600MB disk space
4GB memory

GNU/Linux (Ubuntu, CentOS)

300MB disk space
2GB memory

Additional Functionality

CMMC Module

Nipper’s CMMC module fully automates the accurate assessment of 18 CMMC network security practices across 6 domains, and provides evidential information for a further 6 CMMC practices, across 4 domains, all of which are essential to evidencing compliance with CMMC Levels 1-3.

Get a free trial > Find Out More >

NIST 800-171 Module

Titania Nipper’s NIST 800-171 Module automates the assessment of 15 NIST 800-171 requirements, across 6 control families and provides evidential information for a further 6 requirements, across 4 control families.

Get a free trial > Find Out More >

Nipper’s accurate audit data can now be injected into your SIEM or SOAR via JSON

Security Control

STIGs

Organizations connecting to the DoD must demonstrate a robust process for checking and updating their networks’ security continuously. Automating your device audits with Nipper not only saves time and resources, it also provides an audit trail of reports to evidence STIGs compliance.

Learn more

NIST 800-171

Nipper automates the accurate assessment of 89% of controls in the NIST 800-171 framework related to network devices, saving Internal Auditors valuable time when determining compliance, and integrates with SIEM/SOAR systems to give you a network-wide view of compliance.

Learn more

NIST 800-53

Trusted by US government and federal contractors for proven accuracy, Nipper automates the assessment of 94% of NIST 800-53 network controls, identifies precise vulnerabilities, and recommends remediation actions for each, saving security teams up to 3 hours per device audit.

Learn more

PCI DSS

ISAs and QSAs around the world rely on Nipper’s accuracy when assessing their most critical procedures. Nipper automates the assessment of 88% of PCI DSS testing procedures relating to network devices, producing detailed reports including recommendations for fixing any security issues.

Learn more

CIS

Titania is a certified Center for Internet Security (CIS) member, helping clients reach the highest levels of cyber security. Our Nipper solution is trusted by public and private sector clients to automate the assessment of their network security against CIS benchmarks.

Learn more

Cyber Essentials

Cyber Essentials is a government-backed, industry-supported certification, seen as the first line of defense in protecting against cybersecurity risks. Nipper can help your organization prepare for certification by auditing your network devices and providing detailed reports showing risks and remediation recommendations.

Learn more

RMF

CMMC

Nipper accurately assesses 42 CMMC security practices across 9 domains, providing an actionable report within minutes. Reports can be integrated into SIEMs and GRC systems, helping you track your compliance throughout the network.

Learn more

FISMA

Taking just minutes to set up and run, Nipper automates the assessment of 34 (94%) of the NIST 800-53 network controls across 10 control families to accurately assess compliance with FISMA.

Learn more

CDM

Assess performance against the CDM Asset Management Capability, detect precise risks and evidence compliance against 33 NIST 800-53 controls with Nipper. Reports can be integrated into SIEM/SOAR systems, giving you a network-wide view of compliance.

Learn more

RMF

Already in service with all four arms of the DoD, Nipper detects precise security and compliance risks against the Risk Management Framework. Our software’s proven accuracy advantage saves security teams up to 3 hours per device audit.

Learn more

HIPAA

Entities handling protected health information can accurately assess their environment against the HIPAA Security Rule with Nipper. Our software delivers detailed and actionable reports within minutes, helping you maintain robust data security safeguards.

Learn more

Industry

Military

Titania Nipper is proven to protect military agencies, helping security teams identify and address any exploitable vulnerabilities or areas of non-compliance in their networks. Nipper automates device audits, taking just minutes to produce accurate reports with remedial recommendations for any vulnerabilities found.

Learn more

Federal

Titania Nipper is trusted by federal and government agencies around the world to protect critical infrastructure. Our software accurately detects vulnerabilities, prioritizes risks and identifies regulatory/compliance gaps, giving your team visibility of your security posture and compliance status across complex networks.

Learn more

Finance

With large attack surfaces, mission-critical facilities and highly valuable data, financial and banking institutions are continually at risk of cyber-attacks. Titania Nipper is trusted in the finance sector for accuracy in assessing compliance with PCI DSS and identifying network vulnerabilities.

Learn more

Telcos

Telco businesses are pioneers of emerging technologies, meeting demands of consumers and businesses and with this comes greater responsibility in ensuring cyber security resilience. Many leading Telcos are choosing to protect their networks with Titania Nipper as our software is scalable and proven to protect critical infrastructure.

Learn more

System Integrators

Trusted by the ‘Big Four’, Titania Nipper is the audit tool of choice for large and small consultancies around the world. Our software’s virtual modelling technology saves security teams 3 hours per device audit, accurately identifying vulnerabilities, prioritizing risks and recommending remediation actions.

Learn more

Healthcare

Healthcare providers are expected to conduct regular reviews of networks that handle patient data and keep pace with updates in security regulations. To help organizations comply with standards like HIPAA, Titania Nipper automates accurate detection of vulnerabilities, significantly reducing time and resources needed for maintaining compliance.

Learn more

Role

Risk & Compliance

RMF checks and compliance audits can be automated with Nipper, freeing up your team to focus on more strategic activities. Nipper can be run in offline mode for locked-down/air-gapped networks and generates detailed compliance reports that prioritize risks and recommend precise actions to fix any issues raised.

Learn more

Vulnerability Assessors

Assured by the accuracy of our virtual modelling technology, many vulnerability assessors are turning to Nipper to identify and prioritize vulnerabilities, saving up to 3 hours per device audit. Nipper reports can be branded with your logo to ensure a consistent experience for your client.

Learn more

Quality & Internal Security Assessors

ISAs and QSAs around the world trust Nipper to automate the assessment of vulnerabilities and compliance against the PCI DSS standards, saving up to 3 hours per device audit. Our software accurately identifies and prioritizes risks and provides detailed remediation recommendations for each non-compliance issue found.

Learn more

NOC

At the frontline of defense against network compromises and with an ever-increasing workload, NOCs are turning to Nipper to automate their device audits. Improve your mean time to detect misconfigurations and vulnerabilities in your network devices and speed up remediation with Nipper’s detailed recommendations for each risk found.

Learn more

SOC

Proven to significantly reduce the mean time to detect misconfigurations and vulnerabilities in network devices, Nipper is helping SOCs around the world build operational confidence in threat detection and management. Our software can be integrated into your SIEM/SOAR system, giving you a scalable, network-wide view of your security posture.

Learn more

Managed Security Service Providers

Trusted by MSSPs around the world, Nipper is proven to generate accurate, consistent and reliable reports, with the level of detail clients need to improve their security posture. Free up your time from configuration auditing and report writing by automating the whole process, so you can focus on the more value-add activities.

Learn more

Download your free trial and put Titania Nipper to the test

GET A FREE TRIAL >

Nipper has a wealth of different report options to fit your auditing needs

Best Practice Security Audit

Perform a Best Practice Security Audit (combining multiple industry checks). Use rating systems and mitigation advice to prioritize and plan your fixes.

Detailed configuration reporting

Including: filtering, routing protocols, administration services and more. This report offers a quick, clear view of your device settings.

Audit against globally known vulnerabilities

Including US Government National Vulnerability Database (NVD) and NIST Common Vulnerability and Exposure (CVE) databases. Security issues in the public domain are easy to exploit; this report helps you quickly identify these risks.

The Center for Internet Security (CIS) benchmark reports

These reports can be run against Cisco ASA and IOS devices. The reports have been externally certified by CIS and verified as auditing against their baseline.

PCI DSS audits

PCI (Payment Card Industry) audits perform the automatable system checks and supports integrating this verified data with nonautomatable policy checks. Results offer: detailed advice, verifying passes and explaining failures so you can quickly become compliant.

US Military STIG compliance

This audit was developed in conjunction with DoD IA user groups. Nipper is favored by many Government and Defense agencies because reports are detailed, verifiable and include remediation in line with STIG baselines. Reports can be generated offline for secure environments and scaled to audit any number of devices.

Compliance audit against SANS policy documents

The SANS Institute is a trusted industry body which also trains information security professionals. Their policy is a compliance benchmark to audit against in order to assess your security level.

Cisco PSIRT audits

The Cisco PSIRT audit analyses devices against Cisco’s community managed list of security advisories, reporting identified vulnerabilities, including Cisco’s Security Impact Rating (SIR) and the respective Common Vulnerability Scoring System (CVSS) base score for each vulnerability.

Do you find yourself asking...

Are you a customer? Check out our Support FAQs instead

How does Titania Nipper improve firewall security?

Nipper combines pen tester expertise and virtual modeling technology to accurately audit your network devices (firewalls, switches and routers), analyzing the configurations and interactions of your network infrastructure.

Impact assessments and prioritization of vulnerabilities within the reports will help you allocate resources, and the remediation advice and exact technical fixes provided help reduce mean time to remediation.

Find out in 2 minutes how Nipper can improve your security posture

What’s new in Nipper?

Nipper 2.13 Release

Continuing our tradition of enhancing accuracy and building on support with each new release, Nipper 2.13 offers enhanced device support. This update includes Palo Alto devices to cover PAN-OS 10, and Cisco devices to include FirePOWER devices, as well as performance improvements and more.

Find out more about Nipper 2.13

Titania Nipper NIST 800-171 Module

Titania Nipper NIST 800-171 module can automate the assessment of 15 of the NIST 800-171 requirements across six control families. Evidential information for a further six requirements across four control families can also be highlighted by the module.

Find out more about the NIST 800-171 module

Other recent updates:

See release notes for all recent releases including the latest plugins.

Can I integrate Nipper reports with our SIEM or SOAR system?

Yes, Nipper reports can be exported in a JSON format and integrated into your SIEM or SOAR system, allowing you to group, classify and prioritize vulnerabilities across your network.

Visit our resources center

You can now visualize your Nipper reports in Splunk

View all your audit reports in one dashboard with our Splunk integration. Get high-level information on your devices, as well as the ability to drill down for more detail. Download the Nipper app from Splunkbase here.

Are you using Elastic? You can now aggregate your audit reports in Elasticsearch!

Nipper’s accurate audit data – such as your detailed compliance posture against standards including DISA STIG, DHS CDM/NIST 800-53 and PCI – can now be injected into the Elastic Stack via JSON, where the combined solution provides greater scope to analyze and remediate large numbers of your machines on a daily basis. The Kibana dashboard then gives you the power to examine your security posture from different angles, filtering by categories of error and drilling down to precise detail about devices/models impacted and how to mitigate risks. To learn how to aggregate your Nipper audit reports in Elasticsearch and explore the data in Kibana – download the guide here.

What devices does your firewall audit software support?

Nipper can audit firewalls, switches and routers from all the major brands including:

• Cisco
• Check Point
• Fortinet
• Palo Alto
• Netfilter
• 3Com
• Barracuda
• Blue Coat
• Brocade
• Crossbeam
• …and many more.

Access our full list of supported devices here

If you have questions about any of these please get in touch on our webchat or at enquiries@titania.com

How often do you update your software / benchmarks?

We update the resources within Nipper, ie the Common Vulnerabilities and Exposures (CVEs) list from the National Vulnerability Database (NVD), with each software release.

You can access our release notes here.

If you would like to update these at any other time, we provide a method for updating the CVEs whenever you need to, so that you can be certain the audit reports are as up-to-date as possible. A guide on how to do this can be found in the 'Help & Information' section on the home screen within Nipper.

How does your network audit tool licensing model work?

Our licensing works on a per device (firewall, switch or router) basis by associating a device usage to an audited configuration. Once the device usage has been assigned to a device you will not be able to reallocate the usage, but you will be able to audit this device as many times as you need to for the entirety of your subscription.

If you have multiple year licenses the device usage will be reset every 12 months from the license creation date.

You can find out more about our licensing model here.

Our software is free to download and install for a 30-day trial.

A trial allows you to run audits on two of your network devices for 30 days.

GET A FREE TRIAL >

Do you have any information/documents to assist with my business proposal?

If you are looking for precise information on how Nipper maps to your requirements, take a look at our automation summaries in the Resource center.

To demonstrate how much time you could save per device, per audit, try our ROI calculator.

For full information on Nipper, you can also download our datasheets from here.

How do I know what requirements are supported by Nipper under the PCI DSS reporting option?

Of the 12 PCI DSS requirements, Nipper can automate requirements 1, 2, 6, 8, 10 and 11 (88% of the testing procedures relating to core network devices).

Find out more about how you can assess PCI DSS compliance with Nipper here.

Learn about aggregating Nipper reports into your SIEM for PCI DSS

Can I install Nipper on multiple devices?

Yes, you can, installing and activating Nipper on multiple workstations allows users to access the license to audit devices across different teams, departments, or locations. When activating Nipper on multiple workstations we suggest that you set the update check to happen on every use, to monitor the device usage accurately. To change the update settings, go to the home screen of Nipper and click on 'Change Settings'. Select 'Maintenance' and amend as needed using the 'Check Interval' drop-down menu.

What's the difference between a scanner and your network audit tool?

Scanners act as an attacker would, running attacks on devices and extrapolating weaknesses based on the results. They look at external data (results from attacks).

In contrast, Nipper analyses the configuration of firewalls, switches and routers ie. how devices will actually respond to any query or intelligent security scenario. Using virtual modeling technology, Nipper identifies any vulnerabilities in the settings and rule interactions and delivers a detailed and actionable report within minutes. Because our software analyses the actual configuration file, audits can be run with minimal contact with the device, therefore leaving a small footprint.

Using both scanners and Nipper will help you achieve a much higher level of security than using scanning tools alone.

Complementary features	Scanners	Nipper
Authentication and authorization configuration	X
Account and logging configuration	X
IDS and IPS configuration	X
Password strength and encryption analysis	X
Timeout configuration	X
Physical port analysis	X
Routing configuration	X
VLAN configuration	X
Network address translation	X
Network protocols	X
Device specificiation	X
Time synchronization	X
Network filtering (ACL) audit
Wireless networking
Warning messages (banners)
Network administration services
Network service analysis
Software vulnerability analysis

Check out our latest resources

Titania Nipper Datasheet

No more wasting time on false-positives. Save your auditors up to 3 hours per device.

Nipper Technical Specification

Cisco PSIRT Manual guide

How to manually update your Cisco PSIRT resources in Nipper

Impact of exploitable misconfigurations on network security - Infographic

Key highlights from the independent study into the impact of exploitable misconfigurations

Get started with Nipper

Get a free trial >

Functional for 30 days

Contact our team
+44 (0)1905 888785
Contact us

Security

Compliance

Industry

Function

Manage your network risks with Nipper our accurate firewall and network configuration audit tool

Audits: Firewalls | Switches | Routers

Trusted by

Audit every device accurately, every time

Supported Devices

Below are the basic system requirements needed to operate Nipper

Nipper’s accurate audit data can now be injected into your SIEM or SOAR via JSON

Stay secure, compliant and one step ahead with Nipper

STIGs

NIST 800-171

NIST 800-53

PCI DSS

CIS

Cyber Essentials

CMMC

FISMA

CDM

RMF

HIPAA

Military

Federal

Finance

Telcos

System Integrators

Healthcare

Risk & Compliance

Vulnerability Assessors

Quality & Internal Security Assessors

NOC

SOC

Managed Security Service Providers

Download your free trial and put Titania Nipper to the test

Nipper has a wealth of different report options to fit your auditing needs

Do you find yourself asking...

How does Titania Nipper improve firewall security?

What’s new in Nipper?

Can I integrate Nipper reports with our SIEM or SOAR system?

What devices does your firewall audit software support?

How often do you update your software / benchmarks?

How does your network audit tool licensing model work?

Do you have any information/documents to assist with my business proposal?

How do I know what requirements are supported by Nipper under the PCI DSS reporting option?

Can I install Nipper on multiple devices?

What's the difference between a scanner and your network audit tool?

Find out in 2 minutes how Nipper can improve your security posture

Nipper 2.13 Release

You can now visualize your Nipper reports in Splunk

Are you using Elastic? You can now aggregate your audit reports in Elasticsearch!

Learn about aggregating Nipper reports into your SIEM for PCI DSS

Complementary features

Scanners

Nipper

Check out our latest resources

Get started with Nipper