"Without evidence from assurance processes, it’s very difficult to make credible risk-based decisions." NIST
Establishing a defendable network with automated misconfiguration detection and remediation
Since 2013, elite cyber teams across the US Department of Defense and Fourth Estate have complemented their DISA ACAS network vulnerability analysis with Titania’s highly accurate configuration assessment software, Nipper.
Supporting DISA and DoD’s security and compliance missions, Nipper enables network owners to make credible, risk-based decisions that improve the security posture of critical networks. Accurately detecting misconfigurations in firewalls, switches and routers, and providing risk and remediation prioritized findings, Nipper ensures POAMs are informed and remediation workflows can be prioritized by risk criticality.
Nipper also helps defense contractors throughout the supply chain verify that their firewalls, switches and routers meet the cybersecurity standards set out in DISA, NIST and CMMC frameworks with accurate, automated compliance assessments.
And now, Nipper Enterprise is now providing accurate misconfiguration detection this capability at scale, enabling the assessment of up to 300,000 devices on an up-to-hourly basis, and the roadmap to automatically remediate vulnerabilities and insecure configurations in order to help agencies establish a defendable network.
Accurate, risk-based vulnerability management:
- Reduce DISA ACAS configuration audit times by up to 80%
- Detect all misconfigurations, even in air-gapped environments
- Prioritize security risk by criticality
- Improve MTTR with device specific remediation advice and command-line fixes
Automated RMF assurance:
- Assure compliance for CDM, DISA RMF, NIST, and CMMC
- Assessor-ready reports of compliance with:
- 93% of NIST 800-53 network controls
- 89% of CMMC network practices to evidence SCRM within the DIB
- Accurate RMF snapshots and real-time evidence of compliance
- Continuous assessment of network security
- Daily configuration drift monitoring
- Roadmap to playbook-controlled auto-remediation
Supply Chain Risk Management
The aggregate loss of controlled unclassified information (CUI) from the Defense Industrial Base (DIB) is a known risk to US national security. With the official rollout of CMMC postponed until July 2022, defence contractors remain focussed on demonstrating their compliance with NIST 800-171 security standards. And Nipper has developed dedicated modules to help contractors automate this process for their core network.
Nipper automates the compliance assessment of 89% of the NIST 800-171 controls related to core network devices, across 8 control families. And for contractors that intend to voluntarily obtain CMMC certification to verify their cybersecurity standards, Nipper helps demonstrate compliance with 89% of CMMC core network security practices across 9 domains.
Titania is proven to protect military
Why complement ACAS with Nipper?
DISA ACAS augments its scanning capabilities by incorporating vulnerability and configuration assessment modules in its solution as well as traffic monitoring and reporting modules. The vulnerability scanning module provides information on vulnerabilities associated with the software/firmware version whilst the configuration module looks at the individual device configuration.
As Nipper virtually models the entire device configuration as a single entity, Nipper considers interdependencies of the configuration settings and supresses findings that are irrelevant. For example, because they are not enabled elsewhere in the configuration. The same is true for complex configurations within firewall devices, where overlapping rules can cause security issues, but all of the rules must be ingested and analysed simultaneously to discover them.
Nipper thus provides greater configuration assessment accuracy, and it also provides a network risk context for any issues it finds. Whilst other solutions use CVSS severity rather than risk scoring, Nipper also takes into account other factors representing risk to the network, not just to the device. This includes:
- The impact of an exploitation of the misconfiguration
- How easy it is to exploit it, i.e.to assess risk likelihood
- How easy it is to remediate.
The Nipper findings report then automatically priroritizes the risks identified by criticality to the network, and provides recommendations for remediating actions.
This information is invaluable to the SOC and NOC to inform remediation strategies and workflows. It allows them to reduce the risks in the network, to the greatest extent, as quickly as possible, making Nipper a vital part of the security automation technology stack.