At the heart of the Digital Defense RNA appliance is the NIRV scanning engine which represents a fundamental break from traditional network scanning methodology and allows the discovery of critical flaws often missed by other engines.

Whereas traditional network auditing technology focused on auditing services in isolation in a highly repeatable manner; the NIRV engine is capable of auditing networks as contiguous entities where information gleaned from each host, service, and application is reused throughout the network, allowing for a more thorough audit of its peers.

Select examples of this technology include:

Webserver directory structure, scripts, and arguments discovered by webroot spidering or WSDL parsing on one service can be used to improve brute force, and fault injection on other hosts and services discovered; allowing tests to run multiple times in the same context if necessary for complete testing.

Usernames, password hashes and authentication tokens, gathered from RPC services are automatically tokenized, translated to different authentication formats and leveraged in attempt to gain access to other services on both the host and network level.

Critical SSL issues such as Heartbleed and BEAST are audited not just on traditional web-based SSL services but through the embedded SSL modes such as FTP, SMTP, POP3, VPN, RDP, RPC and even alternate-transport UDP based DTLS services.

Weaknesses exposed in RMCP and IPMI embedded ARM baseboard interface auditing can be correlated and reused against the primary host operating system in order to expose networked side-channel access to otherwise secure systems.

By allowing the efficient tagging, tokenization, and re-use of data across all OSI layers, network services, and peer hosts on a network, NIRV better simulates the tactics a skilled attacker employs in modern data-breach attacks which often combine information gained through several moderate or low level vulnerabilities to uncover more serious flaws and achieve a full system compromise.

The NIRV engine’s cross context scanning technology has already been proven to be effective in real world scenarios having resulted in dozens of critical CVE releases by major software companies. This includes the discovery of flaws in products which are among the most mature in the industry, having already undergone rigorous testing by traditional technology.

Digital Defense follows strict responsible disclosure policies when disclosing details of previously unknown flaws to software vendors, allowing vendors to respond and issue patches for any discovered issues and withholding any details that might benefit an attacker.