Innovative, scalable, and highly accurate SaaS technology to simplify and ease the burdens associated with vulnerability and threat management
Vulnerability scanning has been around since 2000. Virtually every enterprise security team today utilizes vulnerability scanning - and likely a vulnerability management system. In fact, many analysts regard vulnerability scanning, at least, as having fully commoditized.
Accuracy remains elusive with even the largest VM solution providers- even after 20 years of technology evolution.
We'll continue to evolve and expand on vulnerability assessment, management, and adjacent market spaces that can benefit from fast, lightweight footprint, comprehensive and accurate network security technologies and risk assessment tools. Our network security technologies that continue to deliver market-leading differentiation include DDI RNA, VRT, NIRV, and DNA.
While Digital Defense has achieved public acclaim for its superior vulnerability scanning, vulnerability management solutions, and best practice consultative services, we are also actively involved in security threat research.
The company’s Vulnerability Research Team (VRT) – comprised of talented, credentialed (Security+, Network+, CISSP) and experienced security analysts and researchers – regularly discover unknown vulnerabilities and zero-day attacks.
This proactive research translates directly to timely disclosures for our clients, providing an extra measure of peace of mind.
Using our own SaaS Vulnerability Management platform, analysts continually scour cross-client assessment results, as well as leveraging big data analytics to root out malicious or suspicious activity.
The VRT take its responsibility seriously and holds a philosophy of always contributing to the greater good. In addition to providing timely vulnerability insight to our clients, we also share findings with the vendor community – according to accepted security information exchange principles, such that vendors can address security weaknesses for the good of all.
Reconnaissance Network Appliance (RNA) is a preconfigured network based device used to perform network security assessments without requiring onsite staff.
RNA utilizes a proprietary Linux-based operating system to scan every IP accessible device (including servers, workstations, printers, IP phones, routers, switches, firewalls, etc.) on an organization’s network for vulnerabilities and weaknesses.
The assessment data is transferred through an encrypted network connection to the Secure Network Operations Center (SNOC). In conjunction with Fortra VM, the package provides an on-demand vulnerability management, network security assessment solution and network scanning tool that enables organizations to assess and manage business risk.
At the heart of the RNA appliance is the NIRV scanning engine which represents a fundamental break from traditional network scanning methodology and allows the discovery of critical flaws often missed by other engines.
Whereas traditional network auditing technology focused on auditing services in isolation in a highly repeatable manner; the NIRV engine is capable of auditing networks as contiguous entities where information gleaned from each host, service, and application is reused throughout the network, allowing for a more thorough audit of its peers.
Select examples of this technology include:
By allowing the efficient tagging, tokenization, and re-use of data across all OSI layers, network services, and peer hosts on a network, NIRV better simulates the tactics a skilled attacker employs in modern data-breach attacks which often combine information gained through several moderate or low-level vulnerabilities to uncover more serious flaws and achieve a full system compromise.
The NIRV engine's cross context scanning technology has already been proven to be effective in real-world scenarios having resulted in dozens of critical CVE releases by major software companies. This includes the discovery of flaws in products which are among the most mature in the industry, having already undergone rigorous testing by traditional technology.
Digital Defense follows strict responsible disclosure policies when disclosing details of previously unknown flaws to software vendors, allowing vendors to respond and issue patches for any discovered issues and withholding any details that might benefit an attacker.
The number of RNAs required is dependent on the segmentation of an organization’s network; scan frequency, and number of hosts to be scanned. After placing one or more RNAs in optimal scanning location(s), the units require power and network connectivity.
Outbound network access on TCP port 443 or 22 (SSH) is required to keep the RNA properly maintained. RNA software updates are delivered to the RNA via this network connection automatically prior to the beginning of each vulnerability scan.
Digital Node Attribution (DNA) is the core technology within Fortra Vulnerability Management (Fortra VM) that eliminates network drift. As a point in time network vulnerability scanner that feeds RNA data into Fortra VM, DNA is able to match host identification artifacts associated with a specific endpoint over time – including dynamic identifiers like IP address, DNS hostname and NetBIOS hostname – and reconcile them back to a common identity. Now, regardless of how identification artifacts may change over time, – otherwise known as network drift, DNA can accurately and consistently pin vulnerability scans to each discrete endpoint over time. This forms the basis of DNA’s accuracy superiority.
To appreciate the impact of network drift, consider the following data, as revealed by a Digital Defense study:
Scan-to-Scan Endpoint |
Servers – % Change over 90 Days |
Clients – % Change over 90 Days |
IP Address | 4% | 36% |
DNS Hostname | 6% | 42% |
NetBIOS Hostname | 34% | 20% |
This data demonstrates how much a typical network (attack surface) changes in a relatively short period of time. And, it is exactly why competitive vulnerability management products – even those from highly regarded market leaders – report so many time-wasting false positives, which exacerbates the long standing stigma of vulnerability management solutions as producing high volumes of misleading and inaccurate data, i.e., “big data pollution”.
DNA eliminates network drift and as a result, ensures security teams are spending time only on timely, comprehensive and accurately pinned vulnerabilities.
Copyright © Fortra, LLC and its group of companies. Fortra®, the Fortra® logos, and other identified marks are proprietary trademarks of Fortra, LLC. | Privacy Policy | Cookie Policy | Sitemap