Military Grade Cybersecurity Software
Establishing a defendable network with automated misconfiguration detection and remediation.
"Without evidence from assurance processes, it’s very difficult to make credible risk-based decisions." NIST
Since 2013, elite cyber teams across the US Department of Defense and Fourth Estate have complemented their DISA ACAS network vulnerability analysis with Titania’s highly accurate configuration assessment software, Nipper.
Supporting DISA and DoD’s security and compliance missions, Nipper enables network owners to make credible, risk-based decisions that improve the security posture of critical networks. Accurately detecting misconfigurations in routers, switches and firewalls, and providing risk and remediation prioritized findings, Nipper ensures POAMs are informed and remediation workflows can be prioritized by risk criticality.
Nipper also helps defense contractors throughout the supply chain verify that their routers, switches and firewalls meet the cybersecurity standards set out in DISA, NIST and CMMC frameworks with accurate, automated compliance assessments.
And now, Nipper Enterprise is now providing accurate misconfiguration detection this capability at scale, enabling the assessment of up to 300,000 devices on an up-to-hourly basis, and the roadmap to automatically remediate vulnerabilities and insecure configurations in order to help agencies establish a defendable network.
Accurate, risk-based vulnerability management:
Automate RMF assurance:
Establish a defendable network:
Supply Chain Risk Management
The aggregate loss of controlled unclassified information (CUI) from the Defense Industrial Base (DIB) is a known risk to US national security. With the official rollout of CMMC postponed, defence contractors remain focussed on demonstrating their compliance with NIST SP 800-171 security standards. And Nipper has developed dedicated modules to help contractors automate this process for their network.
Nipper automates the compliance assessment with evidence-based reporting for NIST SP 800-53 and NIST SP 800-171. And for contractors that intend to voluntarily obtain CMMC certification to verify their cybersecurity standards, Nipper helps demonstrate compliance with CMMC network security practices.
Titania is Proven to Protect Military
Why complement ACAS with Nipper?
DISA ACAS augments its scanning capabilities by incorporating vulnerability and configuration assessment modules in its solution as well as traffic monitoring and reporting modules. The vulnerability scanning module provides information on vulnerabilities associated with the software/firmware version whilst the configuration module looks at the individual device configuration.
As Nipper virtually models the entire device configuration as a single entity, Nipper considers interdependencies of the configuration settings and supresses findings that are irrelevant. For example, because they are not enabled elsewhere in the configuration. The same is true for complex configurations within firewall devices, where overlapping rules can cause security issues, but all of the rules must be ingested and analysed simultaneously to discover them.
Nipper thus provides greater configuration assessment accuracy, and it also provides a network risk context for any issues it finds. Whilst other solutions use CVSS severity rather than risk scoring, Nipper also takes into account other factors representing risk to the network, not just to the device. This includes:
- The impact of an exploitation of the misconfiguration
- How easy it is to exploit it, i.e.to assess risk likelihood
- How easy it is to remediate.
The Nipper findings report then automatically priroritizes the risks identified by criticality to the network, and provides recommendations for remediating actions.
This information is invaluable to the SOC and NOC to inform remediation strategies and workflows. It allows them to reduce the risks in the network, to the greatest extent, as quickly as possible, making Nipper a vital part of the security automation technology stack.