DDI NIRV – the technology core of Frontline RNA™ – works on the principle of real-time event-based tuning. As it learns more about hosts and the network, NIRV adjusts its plugin sets and auditing mechanisms in real time – leading to far more accurate and complete data scans through continuous vulnerability scanning. NIRV enables RNA to “dig deeper” than competitor scanners through capabilities including:
- Cross Service Parsing – capturing and vetting webserver directory structure and scripts significantly improves the ability to find brute force and fault injection attacks on other discovered hosts and services
- SSL Deep Dive – critical SSL issues, e.g., Heartbleed and BEAST, are audited beyond traditional web-based SSL services. SSL Deep Dive scans embedded SSL modes including FTP, SMTP, POP3, VPN, RDP, RPC and UDP based DTLS services.
- Privilege Escalation Checks – usernames, password hashes and authentication tokens gathered from RPC services are automatically tokenized, translated to different authentication formats and leveraged in an attempt to gain access to other host and network services
- ARM baseboard interface auditing – Weaknesses exposed in RMCP and IPMI are correlated and reused against the primary host O/S to expose networked side-channel access to otherwise secure systems