DDI NIRV™

DDI NIRV – the technology core of Frontline RNA™ – works on the principle of real-time event-based tuning. As it learns more about hosts and the network, NIRV adjusts its plugin sets and auditing mechanisms in real time – leading to far more accurate and complete data scans through continuous vulnerability scanning. NIRV enables RNA to “dig deeper” than competitor scanners through capabilities including:

• Cross service parsing for capturing and vetting webserver directory structure and scripts, significantly improves the ability to find brute force and fault injection attacks on other discovered hosts and services.
• SSL deep dive means critical SSL issues, e.g., Heartbleed and BEAST, are audited beyond traditional web-based SSL services. SSL deep dive scans embedded SSL modes including FTP, SMTP, POP3, VPN, RDP, RPC and UDP based DTLS services.
• Privilege escalation checks covers usernames, password hashes and authentication tokens gathered from RPC services to automatically tokenized, translated to different authentication formats and leveraged in an attempt to gain access to other host and network services.
• ARM baseboard interface auditing will find weaknesses exposed in RMCP and IPMI, and are correlated and reused against the primary host O/S to expose networked side-channel access to otherwise secure systems.

• Webserver directory structure, scripts, and arguments discovered by webroot spidering or WSDL parsing on one service can be used to improve brute force, and fault injection on other hosts and services discovered; allowing tests to run multiple times in the same context if necessary for complete testing.
• Usernames, password hashes, and authentication tokens, gathered from RPC services are automatically tokenized, translated to different authentication formats and leveraged in an attempt to gain access to other services on both the host and network level.