Manage your network risks through Audit every device accurately, every time
Analyzing the configurations and interactions of your network infrastructure with the expertize of a skilled
penetration tester – Nipper’s unrivaled accuracy can save Network Administrators up to 3 hours per
audit, per device. Instead of spending time investigating false positives of non-compliance, Nipper enables you to
dedicate your valuable resources to analyzing and prioritizing fixes by providing:
- Visibility of actual network vulnerabilities including existing false-negatives
- Significantly fewer false-positives to investigate
- Automated risk prioritization
- Precise remediation with exact technical fixes
- Flexible, configurable easy to read reports
Customized auditing
- Device configuration audit
- Security audit
- Vulnerability audit
- Compliance audits
Accurate reporting
- Easy to read reports written in plain English
- Machine consumable outputs
Scheduling and integration
- Audit scheduling (with re-audit function)
- Inbuilt redaction
- SIEM integration
Remediation advice
- Exact technical fixes
- Typical 'time to fix'
Risk prioritization
- Mitigation classification table
- Customizable CVSS rating
Our software helps you accurately identify risks in your network infrastructure and provides precise remediation, including command line fixes. You can customize Nipper's best practice audits or analyze your networks using ‘out of the box’ industry compliance standards (such as the STIG, CIS, PCI DSS benchmarks).
Try it now on your own devices and see what it can do for you.
Nipper has a wealth of different report options to fit your auditing needs
Best Practice Security Audit
Perform a Best Practise Security Audit
(combining multiple industry checks). Use
rating systems and mitigation advice to
prioritize and plan your fixes.
Detailed configuration reporting
Including: filtering, routing protocols,
administration services and more. This report
offers a quick, clear view of your device
settings.
Audit against globally known
vulnerabilities
Including US Government National Vulnerability
Database (NVD) and NIST Common Vulnerability
and Exposure (CVE) databases. Security issues
in the public domain are easy to exploit; this
report helps you quickly identify these risks.
The Center for Internet Security (CIS) benchmark reports
These reports can be run against Cisco ASA
and IOS devices. The reports have been
externally certified by CIS and verified as
auditing against their baseline.
PCI DSS audits
PCI (Payment Card Industry) audits perform the
automatable system checks and supports
integrating this verified data with nonautomatable
policy checks. Results offer:
detailed advice, verifying passes and explaining
failures so you can quickly become compliant.
US Military STIG compliance
This audit was developed in conjunction with
DoD IA user groups. Nipper is favored by
many Government and Defense agencies
because reports are detailed, verifiable and
include remediation in line with STIG
baselines. Reports can be generated offline
for secure environments and scaled to audit
any number of devices.
Compliance audit against SANS policy documents
The SANS Institute is a trusted industry body
which also trains information security
professionals. Their policy is a compliance
benchmark to audit against in order to assess
your security level.
Cisco PSIRT audits
The Cisco PSIRT audit analyses devices against Cisco’s community-managed list of security advisories, reporting identified vulnerabilities, including Cisco’s Security Impact Rating (SIR) and the respective Common Vulnerability Scoring System (CVSS) base score for each vulnerability.
Below are the basic system requirements needed to operate the Nipper system
Microsoft Windows Vista or above (Server 2008 or above)
400MB disk space
2GB memory
GNU/Linux (Ubuntu, CentOS)
300MB disk space
2GB memory
Supported Devices
Using both scanners and Nipper will give you a much higher level of security than scanning tools alone.
The table below highlights some of the differences:
Complementary features | Scanners | Nipper |
Authentication and authorization configuration | X |
|
Account and logging configuration | X |
|
IDS and IPS configuration | X |
|
Password strength and encryption analysis | X |
|
Timeout configuration | X |
|
Physical port analysis | X |
|
Routing configuration | X |
|
VLAN configuration | X |
|
Network address translation | X |
|
Network protocols | X |
|
Device specificiation | X |
|
Time synchronization | X |  |
Network filtering (ACL) audit |
| |
Wireless networking |
| |
Warning messages (banners) |
| |
Network administration services |
| |
Network service analysis |
| |
Software vulnerability analysis |
| |
Perform an audit on your firewall, switch or router configurations to effectively manage your security risks.
Computing Security - Titania Nipper Studio 2.5
Network routers, firewalls and switches are essential to business operations and yet their very complexity makes them easy targets for cyber criminals
Configurations, access rules and security policies need to be audited regularly to identify weaknesses; however, many organisations don't have the time or resources to do this manually.
Titania offers a simple and innovative solution, as its Nipper Studio does all the hard work so you don't have to. Capable of auditing critical infrastructure devices from an impressive range of vendors, it doesn't need to scan the network and so has zero impact on general operations.
Nipper Studio analyses device configuration files, allowing it to offer far more detailed reporting than vulnerability scanners. Even better, it includes compliance reporting modules for key data protection regulations, including PCI-DSS, STIG, NIST, SANS plus CIS, and brings them all together to provide essential vulnerability audits and best practice guides.
Nipper Studio is very amenable, as it can be installed on any host system running Windows XP/2003 upwards, macOS Sierra or Linux. We used a Windows Server 2012 R2 host, and had the software installed and ready to audit in two minutes.
The Nipper Studio console sees a refresh, although we've always found it very easy to use. Along with swift access to report generation and program settings, it provides links to help files, a supported device list and a new audit scheduler.
There are now two methods of interrogating devices as you download their configuration files to the host or access them directly from Nipper Studio over Telnet, SSH, HTTP or HTTPS. Either way, the first thing to do is choose a device from the extensive list, which includes Check Point, Cisco, Dell EMC, Fortinet, HPE, SonicWALL, WatchGuard and more.
Now you can aggregate your audit reports in Elasticsearch!
Nipper’s accurate audit data – such as your detailed compliance posture against standards including DISA STIG, DHS CDM/NIST 800-53 and PCI – can now be injected into the Elastic Stack via JSON, where the combined solution provides greater scope to analyze and remediate large numbers of your machines on a daily basis.
The Kibana dashboard then gives you the power to examine your security posture from different angles, filtering by categories of error and drilling down to precise detail about devices/models impacted and how to mitigate risks.
To learn how to aggregate your Nipper audit reports in Elasticsearch and explore the data in Kibana – download the guide by clicking on the cover >
