6Scan is a full service security solution for you website. Patent-pending technology combines a full suite of features that scan and automatically fix critical issues that - if left unresolved - could damage your business and customers, your reputation and destroy your web presence.        

What Does 6Scan Do?

1. Find. The 6Scan six independent scanners work to detect vulnerabilities, scan for malware and inspect your website's files to determine any security issues or risks.
2. Fix. Patent-pending technology automatically fixes any security issues as soon as they are detected. We deploy a WAF (Web Application Firewall) and custom vulnerability patches to make sure any attack vectors are blocked. The entire process of detecting and fixing vulnerabilities is fully automated, managed through a unified dashboard.
3. Protect. 6Scan will continue to monitor your site for new vulnerabilities and security risks. The scanning is scheduled automatically or can be triggered manually and you will be notified of any issues. As with all our services, this process can be monitored from your dashboard where you have the opportunity to roll back any changes.

Malware Scan. A complex scan that runs a number of different tests to detect any signs of malware on your website. The 6Scan malware scan deploys a much larger set of tests than most of the simple or embedded scanners to make sure that even the latest emerging threats are detected.                         Malware Removal. A service to restore your website after a malware attack. 6Scan's security experts will access your website and remove any malicious code or backdoors.             Server-Side Scan. A scan and examination of the files on your hosting account for any signs of backdoors or hidden malware code which could be used to compromise your website.             Website Scan. Detects vulnerabilities that could make your site a target for attacks. The proactive service works seamlessly in the background to maintain website security.                                     Auto Vulnerability Repair. Patent-pending patching technology acts immediately to resolve problems with vulnerable website code. Left unchecked these issues become entry points for hackers to gain access to your website.                                         CMS Scan/Repair. Automatically repairs problems created by outdated and vulnerable plug-ins and content management systems such as WordPress, Drupal, and Joomla, used by millions of websites.

With the uptake of cloud computing and advancements in browser technology, web applications have become a core component of business processes, and a lucrative target for hackers. Organizations must make web application security not only a priority, but a fundamental requirement. Enter Acunetix Vulnerability Scanner! A Firewall is not enough Firewalls, SSL and hardened networks are futile against web application hacking. Web attacks are carried out over HTTP and HTTPS; the same protocols that are used to deliver content to legitimate users. Web applications are often tailor-made and tested less than off-the-shelf-software; the repercussions of a web attack are often worse than traditional network-based attacks.

• Detects over 4500 web application vulnerabilities.
• Scan open-source software and custom-built applications.
• Detects Critical Vulnerabilities with 100% Accuracy.

Technology Leader in Automated Web Application Security Acunetix are the pioneers in automated web application security testing with innovative technologies including:

• DeepScan Technology – for crawling of AJAX-heavy client-side Single Page Applications (SPAs).
• Industry’s most advanced SQL Injection and Cross-site Scripting testing – includes advanced detection of DOM-based XSS.
• AcuSensor Technology – Combines black box scanning techniques with feedback from its sensors placed inside source code.

Fast, Accurate, Easy to Use Multi-threaded, lightning fast crawler and scanner that can crawl hundreds of thousands of pages without interruptions.

• Highest detection of WordPress vulnerabilities – scans WordPress installations for over 1200 known vulnerabilities in WordPress’ core, themes and plugins.
• An easy to use Login Sequence Recorder that allows the automatic scanning of complex password protected areas.
• Review vulnerability data with built-in vulnerability management. Easily generate a wide variety of technical and compliance reports.

Aegify RSC Suite

• Reduced risk
• Unified/integrated approach
• Lower total cost of ownership
• Oversight ease
• Maximum security
• No compliance tradeoffs

The NEED

RISK management is not optional for healthcare, retail and financial organizations.
When SECURITY breaches happen, critical data is compromised, jobs are lost and profits disappear. Managing the regulatory maze is challenging. PCI, ISO and SANS 20 COMPLIANCE is best practice. HIPAA, GLBA and FISMA COMPLIANCE is the law. Risk, security and compliance (RSC) protection is complex and cumbersome. Until now. Discover the effective simplicity of a unified RSC solution. Discover Aegify.

• Aegify RSC Suite includes:
• Aegify Risk Manager
• Aegify Security Manager
• Aegify Compliance Manager
• Aegify Integrity Manager

UNIFIED APPROACH

For management ease and cost reduction, most healthcare providers and business associates prefer a unified Risk, Security and Compliance solution. Consider these diagnostic questions:

• Are you confident your vendors and business associates are compliant with all regulations?
• Are burdens of compliance forcing you to take calculated risks due to resource constraints?
• Do you have multiple siloed solutions that cause integration, management and financial headaches?
• If your answers are mostly “yes,” consider Aegify RSC Suite

Diagnose

Within hours, you will know:

• Your total organizational risk including your risk from each of your vendors and business associates
• Where your security threats lie
• What curative measures need to be undertaken
• Your compliance status with HIPAA, Meaningful Use, HITECH, PCI, ISO, SANS 20 and all other regulations and standards

Cure

Follow Aegify instructions to:

• Minimize organizational risk
• Close your risk, security and compliance gaps
• Comply with all applicable regulations and standards

Protect

24/7 continuous monitoring program will:

• Reduce all risk… today and tomorrow
• Diagnose and cure future security threats in real time
• Comply with all applicable current and future regulations

WHY AEGIFY?

Aegify was founded on a simple set of guiding principles:

• RSC services are too siloed, complicated and expensive
• The market needs a holistic RSC solution that diagnoses, cures and prevents future catastrophic events from occurring

Today, the Aegify Suite is a unique unified solution that operates at the intersection of security, compliance and risk management for healthcare, retail and financial organizations.

For those that don’t need a unified RSC Solution, each individual Aegify Manager product is a robust standalone solution.

Alcide Kubernetes Advisor is a Kubernetes multi-cluster vulnerability scanner that covers rich Kubernetes and Istio security best practices and compliance checks such as Kubernetes vulnerability scanning, hunting misplaced secrets, or excessive secret access, workload hardening from Pod Security to network policies, Istio security configuration and best practices, Ingress controllers for security best practices, Kubernetes API server access privileges and Kubernetes operators security best practices. Alcide Advisor is an agentless Kubernetes audit, compliance and hygiene scanner that’s built to ensure a friciton free DevSecOps workflows. Alcide Advisor can be plugged early in the development process and before moving to production. Get a single-pane view for all K8s-related issues: audit, compliance, topology, network, policies, and threats with Alcide Advisor, and integrate it with your CI/CD pipeline. With Alcide Advisor, the security checks you can cover includes:

• Kubernetes infrastructure vulnerability scanning
• Hunting misplaced secrets, or excessive priviliges for secret access
• Workload hardening from Pod Security to network policies
• Istio security configuration and best practices
• Ingress Controllers for security best practices
• Kubernetes API server access privileges
• Kubernetes operators security best practices
• Deployment conformance to labeling, annotating, resource limits and much more

Whether you are looking to secure Kubernetes cluster hygiene in your CI+CD pipeline, or to ensure consistent multi-cluster conformance, Alcide Kubernetes Advisor provides you with valuable benefits from day one: SecOps get visibility Into Kubernetes black box – from network and hygiene perspective and are able to get high resolution in cluster detection of threats. DevOps get to harden their cluster’s security and detect drifts in their software supply chain. Alcide also supports policy customization by security pros, that are monitored by DevOps. You can apply multiple policies managed by different teams, and violations can be routed to either ChatOps tools like Slack or security toolchain like Splunk.

The AMT Technology Website

The AMT (Agentless anti-Malware Technology) is a new proprietary Minded Security technology for detection and management of malware software. AMT has been developed after years of study for detecting and managing in real time advanced banking malware for our customers online users. The core engine is a JavaScript Analyzer written by renowned JavaScript experts specialized in advanced JavaScript security research. Various innovative analysis technique have been used in AMT such as Trusted JavaScript Modeling combined with optimized WebInject differential analysis.

The product: AMT Banking Malware Detector

The AMT Banking Malware Detector is a sophisticated security platform for detecting and managing advanced malware on your online banking customers in real time. AMT Banking Malware Detector instantly recognizes all new malwares that have been installed on users' computer interacting with your Internet Banking Web Site. The technology is able to detect all types of banking malwares, with a focus on targeted malware specifically designed to attack a particular bank.

Key Features:

• Agentless: does not install anything on user’s computer.
• Transparent: does not alter the user experience.
• Proactive detection: detects malware not known yet.
• Easy Setup: installation and tuning in just a few days.
• Available in both modes cloud and appliance.

Performance

No degradation in the performance of the bank infrastructure: no need to install new infrastructure components.
Light Deployment: for portals with millions of users does not require significant additional infrastructure.

• Fraud Risk Management

The technology reduces risk of infected users preventing frauds.
Can be easily managed by the bank's internal anti-fraud team through the innovative HTML5 interface.

• Easy Management

The product is easy to install with a single JavaScript source for multiple sites. No need to install new infrastructure components (no impact on Business Continuity).
Easy to manage with AMT control panel and AMT daily reports.

• Customization

It is designed to integrate with any anti-fraud systems with the ability to customize the modular components such as GUI, API, and specific components.
Ability to create ad hoc components for malware detection.

Why choosing AMT?

The key point of the AMT Banking Malware Detector is the new proactive approach.

AMT creates a model of Custom Signature Engine (CSE) for each online banking service.

The CSE permits to perform a continuous comparison with the mutations and to identify in real time a new threat.

AMT Banking Malware Detector allows to identify malware victims before they will be defrauded.

While today’s malicious attackers pursue a variety of goals, they share a preferred channel of attack—the millions of custom web, mobile, and cloud applications companies deploy to serve their customers. AppSpider dynamically assesses these applications for vulnerabilities across all modern technologies, provides tools that speed remediation and monitors applications for changes. Keep your applications safe and secure—now and moving forward. KNOW YOUR WEAK POINTS AppSpider automatically finds vulnerabilities across a wide range of applications— from the relatively simple to the most complex—and it includes unique capabilities and integrations that enable teams to automate more of the security testing program across the entire software development lifecycle (SDLC), from creation through production. Coverage is the first step to scanner accuracy. Scanners were originally built with a crawl and attack architecture, but crawling doesn’t work for web services and other dynamic technologies. AppSpider can still crawl traditional name=value pair formats like HTML, but it also has a Universal Translator that can interpret the new technologies being used in today’s web and mobile applications (AJAX, GWT, REST, JSON, etc.). With AppSpider, you can: • Close the coverage gap with our Universal Translator • Intelligently simulate real-world attacks • Continuously monitor your applications • Stay authenticated for deep assessment AppSpider includes interactive actionable reports that prioritize the highest risk and streamline remediation efforts by enabling users to quickly get to and analyze the data that matters most. With one click, you can drill deep into a vulnerability to get more information and replay attacks in real-time. Sifting through pages and pages of vulnerabilities in a PDF report takes too much time. AppSpider provides interactive, actionable reports that behave like web pages with an intuitive organization and links for deeper analysis. The analysis doesn’t have to be tedious: Findings are organized and consolidated by attack types (XSS, SQLi, etc.), and with one click, you can drill deep into a vulnerability to get more information. AppSpider’s sophisticated reports reduce remediation time and streamline communication with developers. With AppSpider, you can: • Conduct deeper analysis with interactive reports • Quickly replay web attacks • Categorize applications for easy reporting In order to improve your overall security posture, you need a high-level view of your application security program that enables you to see where things stand. AppSpider enables centralized control, automation, and interoperability over all aspects of your enterprise web application security program, including continuous scanning configuration, user permissions, scheduling, and monitoring. In addition, AppSpider includes trends and analyze data to help collaborate with all stakeholders toward improved security posture. Time is critical when remediating vulnerabilities. Using innovative automated rule generation, AppSpider’s defensive capabilities help security professionals patch web application vulnerabilities almost immediately—in a matter of minutes, instead of days or weeks. Without the need to build a custom rule for a web application firewall (WAF) or intrusion prevention system (IPS), or the need to deliver a source code patch, our software allows you the time to identify the root cause of the problem and fix it in the code. With AppSpider, you can: • Manage and control application security programs • Automate targeted virtual patching • Meet compliance requirements • Integrate into your DevSecOps workflow

Email, shared URL’s, file attachments, cloud drives and new digital communications are transforming the way we work. They are also the most accessible entry point for advanced content-borne cyber attacks. Deep Application Learning Continuous and aggregative CPU-level learning of application paths. BitDam live knowledge base of all legitimate executions for common business applications. Real-time analysis, code benchmarking and immediate alien code detection for advanced threats, regardless of the specific attack technique. Alien Code Detection Forever Protected Applications 100% attack code visibility for known and unknown threats, covering all attachments & links. Prevention of sophisticated exploits and evasion methods, pre-code execution. No need for security updates or patches. BitDam Email Security & Malware Protection Features

• Close to zero latency – With minimal email latency of just a few seconds, end-users will not notice any change. With BitDam, they’re safe to click everything that lands in their inbox.
• 2-click integration – Pre-built APIs enables a (literally) 2-click self-service deployment through the BitDam portal, which applies for all mailboxes in the organization.
• Fast and easy deployment – No MX record change is needed, no hassle to your IT team.
• Intuitive dashboard – Your SOC team can view email subject and recipients through the BitDam dashboard, making tracking and investigating attacks simple.
• Email body and clean files are never saved – BitDam scans the entire email including links and attachments, but doesn’t save it unless malicious.
• Quarantine malicious emails – Malicious emails are automatically quarantined, allowing the SOC team to investigate, delete or release them as needed.
• Visibility to other security checks – As a SOC team user you can see what basic security checks each email went through. This includes anti-spam, spf, and dmarc checks.

Unmatched detection rates, immediate prevention of ALL advanced content-borne cyber threats. Any Exploit Logical Exploits and Hardware Vulnerabilities Any Payload Macro-Based Malware, Ransomware, Spear Phishing. Any Known Unknown Vulnerability One Day, Zero Day Attacks Make it safe to click across all channels

• Email
• Cloud Storage
• Instant Messaging

Blade Tool Output Integration Framework (TOIF) is a powerful software vulnerability detection platform. It provides a standards-based environment that integrates the outputs of multiple vulnerability analysis tools in a single uniform view with unified reporting. It leverages OMG Software Assurance Ecosystem standards, Software Fault Patterns (SFPs), and Common Weakness Enumerations (CWEs) Composite Vulnerability Analysis & Reporting. Blade TOIF’s  plug-and-play  environment  provides  a  foundation  for  composite  vulnerability  analysis  by  normalizing,  semantically  integrating,  and  collating  findings from existing vulnerability analysis tools. Improves breadth and acccuracy of off-the-shelf vulnerability analysis tools. Provides powerful vulnerability analysis and management environment for analyzing, reporting and fixing discovered weaknesses. Seamless Integration. Out-off-the-box, Blade TOIF seamlessly integrates into the Eclipse Development Environment and with five open-source vulnerability analysis tools:

• CppCheck
• RATS
• Splint
• SpotBugs
• Jlint

It  enables  strategic  use  of  commercial  and  open-source  vulnerability  analysis  tools and, in conjunction with its unified priority reporting, reduces the overall costs of performing a vulnerability assessment by 80%.

Blade TOIF Integration

Integrates into Eclipse development environment:

• Execute Blade TOIF (desktop deployment) from within Eclipse with progress bar
• Automatically see defect findings in Eclipse
• Use the “TOIF Analyze” easy button in the Eclipse toolbar and in the Blade TOIF main menu
• Run it on a sub-set of project files/ directories
• Filter the defect findings listed in the Blade TOIF Findings view, based on the selected project data in the Project Explorer in Eclipse

Blade TOIF Key Capabilities

• Integrates multiple vulnerability detection tools and their findings as “data feeds” into a common repository
• Addresses wider breadth and depth of vulnerability coverage
• Common processing of results
• Normalizes and collates “data feeds” based on discernable patterns described as Software Fault Patterns (SFPs) and CWEs
• Provides one prioritized report with weighted results across tools/vendors
• Uses an RDF repository and provides external Java API for additional analysis capabilities
• Integrates out-of-box with: CppCheck, RATS, Splint, SpotBugs and Jlint
• Defect Description view provides information related to the cluster, SFP, and CWE description of the selected defect instance in the Blade TOIF Findings view
• Defect findings, including citing information, can be exported to *.tsv file and subsequently imported to another Blade TOIF project
• Installation wizard, auto-detection and configuration of open source software (OSS) static code analysis (SCA) tools
• Supports load build integration to import results generated from the server/load build to the desktop

Combining Blade TOIF with our automated risk analysis platform, Blade Risk Manager, provides a comprehensive cybersecurity risk management solution that includes:

• Automated risk analysis
• Automated vulnerability detection and analysis
• Traceability
• Measurement and prioritization that make it easy to plan how to best leverage the risk management budget and resources for greatest impact

DevOps moves quickly, and security isn’t keeping up. Developers are frustrated with security, AppSec professionals are exhausted, and security bottlenecks keep getting worse. As a result, vulnerabilities are pushed into production, increasing your organization’s risk of cyber attacks. Bright empowers AppSec teams to provide the governance for securing APIs and web apps while enabling developers to take ownership of the actual security testing and remediation work early in the SDLC. With dozens of different types of vulnerabilities that we test for, hundreds of attack vectors we use to test your application, and clear remediation guidelines when a vulnerability is found, you can rest assured the vulnerabilities we find are true with minimal false positives. Scan any type of web app or API​ Beyond static web applications, Bright can scan single-page apps (SPAs), various APIs and microservices, and server-side mobile applications. Scan all common API formats Bright works with REST, SOAP, and GraphQL APIs Scan APIs via Postman Collections or Swagger Upload a Postman Collection, or a Swagger file and Bright will parse it to define an optimized attack surface for your API endpoints Detect vulnerabilities with 10,000+ attacks Tests for dozens of vulnerabilities using thousands of payloads and attack variations, from common application security risks e.g. OWASP Top Ten to business logic flaws Verified findings for trusted results Our technology conducts two separate tests on each found vulnerability to verify the accuracy of findings, resulting in minimal to no false positives Remediation instructions that make sense For every detected issue, Bright provides all the information a developer needs to fix the issue immediately. Test every PR, all managed by YAML Security testing automation is now part of CI/CD pipelines. Automatically test every build, pull request or merge, detecting security flaws before they hit production using global .yml configuration files. Scan with every build Bright integrates into CI/CD pipelines using technologies like GitHub Actions, CircleCI, Jenkins, Azure Pipelines, Travis CI, GitLab, TeamCity and JFrog Pipelines. Start a scan from the CLI Stay in your terminal and configure, launch, and control scans with the Bright CLI. Say goodbye to complicated configurations with Bright’s scan templates Use predefined templates to run light scans, deep scans, scans optimized for API testing, rapid scans as part of unit testing, or check for OWASP and MITRE vulnerabilities. You can also create and use your own templates within your org. Easily run authenticated scans Scan login-protected resources within your target app or API. This includes multi-step authentication and common authentication methods, such as headers, forms, API calls and OAuth. Enterprise security: SSO & RBAC Bright offers Single Sign On (SSO) and role-based access control (RBAC), as well as project management so you can separate teams and what they can access. Integrate with your toolchain Bright works with all popular ticketing systems, including Jira, Monday.com, Slack, Github, Azure Boards, and GitLab Boards

Even the best detection technology cannot return the data, money or reputation that is lost in a breach. While a layered approach that addresses the entire attack cycle is a must, prevention still has the highest return on investment. BUFFERZONE provides a better way to reduce the attack surface and protect the most vulnerable part of the organization – employee endpoints. How it Works? The BUFFERZONE virtual container protects any application that you define as insecure including web browsers, email, Skype, FTP and even removable storage. BUFFERZONE is transparent to both the application and the end-user, yet completely seals off threats from the rest of the computer. Unlike conventional endpoint detection solutions that depend on signatures or behavioral profiles to detect malicious activity, BUFFERZONE simply isolates malware regardless of whether it is known or new, and prevents it from doing any harm. The BUFFERZONE Endpoint Security solution includes:

• Virtual Container: A secure, virtual environment for accessing content from any potentially risky source including internet browsers, removable media and e-mail.
• Secure Bridge: A configurable process for extracting data from the container to enable collaboration between people and systems while ensuring security and compliance.
• Endpoint Intelligence: Detailed reporting and integration with SIEM and Big Data analytics to identify targeted attacks.

Features: Virtual Containment On endpoints running the BUFFERZONE agent, access to external, untrusted sources such as the internet and the effects of such access are completely isolated inside a virtualized container. Potential threats are thus isolated from the endpoint’s native resources from which trusted organizational resources are accessed, making it impossible for threats to in any way harm the endpoint or the rest of the organization. A configurable, centralized policy determines application containment. Network Separation Endpoint-based network segmentation. Define separate firewall-type rules for contained and uncontained applications, preventing uncontained, trusted applications from accessing risky destinations such as the internet and preventing contained, untrusted applications from accessing sensitive, internal organizational network destinations. Email Attachment Containment Contains attachments from external, untrusted sources, protecting the endpoint and trusted organizational resources from the attachments. Emails arriving from outside the organization are saved normally (uncontained) on endpoints but are subsequently opened on any protected endpoint in a BUFFERZONE container. DLP Features Several BUFFERZONE features can contribute to an organizational data-loss prevention (DLP) strategy by blocking information from exiting the organization by various paths:

• Containment Features. Prevent uncontained applications, which can access organizational resources, from accessing the internet; and prevent contained applications, which can access the internet, from accessing organizational resources.
• Hidden Files. Set file locations, that may contain sensitive data, to be hidden from contained applications.
• Upload Blocker. When Upload Blocker is enabled, contained browsers can download to and upload from only a designated folder (by default: Downloads), which is isolated from uncontained programs. This prevents browsers from uploading any files to the internet other than contained files that were previously downloaded from the internet.

BUFFERZONE Management Server (BZMS) For centralized management, you can integrate BUFFERZONE with your existing endpoint management system; or, for fuller management capabilities, use the BUFFERZONE Management Server (BZMS) to manage organizational BUFFERZONE agents, gain visibility to relevant organizational endpoints, and serve and assign organizational policy by endpoint and/or user.

Introducing CORE Security

When it comes to securing your cloud, you need to peace of mind that security’s at the core of your hosted infrastructure. That’s why we’ve put together three ServerChoice CORE Security™ packages, with varying levels of protection, so you can get best-fit cyber security for your organisation.

CORE Base

• Two-factor authentication
• TrendMicro anti-virus & malware protection
• Vulnerability scanning: Unmanaged Quarterly
• System hardening
• Next-generation firewall
• Advanced DDoS mitigation: Standard (20 Gbps)

CORE Enterprise

• Two-factor authentication
• TrendMicro anti-virus & malware protection
• Vulnerability scanning: Unmanaged Monthly
• System hardening
• Next-generation firewall
• File integrity monitoring
• Advanced DDoS mitigation: Enhanced (250 Gbps)
• 24/7 SIEM services

CORE Platinum

• Two-factor authentication
• TrendMicro anti-virus & malware protection
• Vulnerability scanning: Managed Monthly
• System hardening
• Next-generation firewall
• File integrity monitoring
• Advanced DDoS mitigation
• Pro (Terabit+)
• 24/7 SIEM services
• Intrusion Prevention System (IPS)

Bolt-on CORE Security™ Services

In addition to the above security packages, we offer a range of additional security enhancements to deliver maximum protection from cyber threats:

• Data loss prevention (DLP)
• Web application firewalls (WAF)
• Penetration testing
• URL filtering (Virtual Desktops only)
• Email spam filtering and antivirus (Exchange only)
• Compliance consultancy

ReGrade: Keep systems up and running by testing with live traffic, before you go live Today’s software doesn’t come in a box. It just runs—non-stop. Your Software and DevOps teams have to keep things running while continually releasing new application features—sometimes pushing code updates as fast as they’re written. Yesterday’s testing methods weren’t made for this. ReGrade uses patented, comparison-based traffic analysis to evaluate release versions side-by-side—quickly locating differences or defects. Users only see the production system, but ReGrade compares the two systems, finding bugs and other unintended changes before release. And ReGrade gives insight on performance too—by tracking server response times against identical loads and requests. ReGrade:

• Verifies quality of software upgrades and patches using real production traffic
• Prevents costly rollbacks and cumbersome staging
• Enables regression testing in development, QA, and production
• Spots differences in content, metadata, application behavior and performance
• Speeds debugging with packet capture and logging

ReCover: Detect and Isolate Attacks-Even Zero-Day-Without Impacting Operations Redundancy is no guarantee of continuity when your backup systems have been corrupted. Modern systems need proactive monitoring and resilience—not just redundancy. ReCover detects anomalies—including zero-day attacks—by comparing network responses across servers. In an alarm, affected systems are isolated and traffic is switched to clean, resilient servers. With traditional intrusion detection solutions, administrators bring their own systems down on false positives just to make sure they’re ok. But that defeats the point. By switching traffic to a resilient, clean system with an independent attack surface, ReCover keeps operations going even in the face of threats. False positives don’t matter. ReCover: Provides intrusion detection without interrupting operations Detects zero-day attacks with patented comparison technology Isolates attacks while enabling operations to continue on clean servers

Save time & money

Increase security by focusing on remediating  vulnerabilities that are a part of a validated attack path to a business process or critical asset

Key features:

• Creates actionable insights based on critical vulnerabilities that threaten your business process for immediate alerts and remediation with one click
• Continuous silent vulnerability scanning on all IP based devices on premise or in the cloud
• Automatically detects critical assets and finds how hackers could reach and threaten them, no human involvement required.
• Cronus is certified for Penetration Testing by CREST
• Help comply with GDPR –require regular pen testing, vulnerability management and greatly reduces the risk of breach to your sensitive data.

Continuous. Perform continuous scans all year round, valid for both vulnerability management and penetration testing to stay on top of your network’s security 24/7. See live map and get real-time alerts on current threats to your business processes. Global. Cybot can be deployed globally and showcase global Attack Path Scenarios ™ so you can see how a hacker can hop from a workstation in the UK to a router in Germany to a database in the US. This capability is unique both for penetration testing as well as for vulnerability management.  The various CyBot Pros will be managed by a single Enterprise dashboard. Business Process Focused. CyBot brings context to each asset it scans, checking how it could affect a business process. In this way, you can funnel all your vulnerabilities and first focus on those that are exploitable and that are a part of an attack path to a critical asset or business process. This greatly reduces the resources needed for patching and ensures business continuity.

Which CyBot is right for me?

CyBot is a next-generation vulnerability management tool as well as the world’s first Automated pen testing solution, that continuously showcases validated, global, multi-vector, Attack Path Scenarios ™ (APS), so you can focus your time and resources on those vulnerabilities that threaten your critical assets and business processes. CyBot has one core engine: CyBot Pro, plus two additional management consoles. One for Enterprises and one for MSSPs. CyBot Pro is the workhorse of the product suite. It is a patented autonomous machine-based penetration test which initially scans the networks, its assets, its vulnerabilities and then takes the next step to map out and validate all the routes a hacker could take to reach your critical assets and business processes. Much like the process a human penetration tester would follow, but continuously and at a much larger scale and scope. CyBot Enterprise manages several CyBot Pros. This is great for larger organizations with global networks who wish to gain insights on global Attack Path Scenarios ™ between their branches, each using a different CyBot machine. CyBot Enterprise will aggregate information from all CyBot Pros for in-depth global insights on cyber threats to your business processes. CyBot MSSP provides large managed security service providers with full control of their Enterprise customers, each with their various CyBot Enterprise and CyBot Pro accounts. Schedule their scans, get alerts to your SIEM and much more

The nLighten platform implements a unique and sophisticated artificial intelligence engine that rapidly learns your environment and alerts security teams to threats and vulnerabilities across the threat spectrum. Unlike other solutions, it does not rely on rules and signatures, but instead learns from your environment, security analysts, external sources and threat patterns from other environments. nLighten can detect unknown and insider threats, APTs and targeted attacks that other approaches miss, while reducing false positives to less than 5%. Benefits:

• Detect unknowns
• Improve Efficiencies
• Lowest TCO

How it Works? JANUS - AI MACHINE ANALYST One of the most significant problems facing security teams today is the overwhelming amount of information they are faced with every day from disparate, unintegrated systems that generate very basic security alerts. The average enterprise is presented with 10,000 or more security alerts every month, and on average it takes a security analyst 10 to 15 minutes to properly review a single alert. With minimal alert prioritization and a false positive rate of 95%, this makes it impossible for security teams to focus on what matters. Janus, our AI machine analyst, automates the tedious task of triaging this alerts. Using active learning techniques, it is able to understand the context of the alerts and suppress the ones that are not relevant, resulting in a prioritized list of alerts for your team to review that has a false positive rate of less than 5%. DATA INGESTION The nLighten platform analyzes the raw data that you are already collecting. There is no need to deploy or manage sensors or collectors throughout your environment; simply transfer log and flow data through a secure and redundant connection such as Netflow, Firewall, Proxy, AD, DNS, VPN, web servers, custom applications, IoT & sensor logs, even employee access and travel logs. We can process virtually any log format. AUTOMATION, CONTROL & MANAGEMENT ENGINE nLighten sits on top of a big data platform and requires technologies and skill sets from across several disciplines. To automate the entire process, we have built a unique Automation, Control and Management Engine (codenamed ACME), which is the glue that brings all of the functionality together. Our proprietary engine that orchestrates the entire end-to-end process, providing real-time ingestion of data, cloud-like auto scaling, and full end-to-end automation, allowing for a continuous near-real-time analysis of your entire environment. USER INTERFACE Our UI has been designed specifically to enable your team to work with increased speed and efficiency through an intuitive, easy to use interface that provides rich dashboards for instant situational awareness, along with deep evidence bundles that integrate everything your team needs to complete their investigation in one place. ANALYTICS CORE Artificial Intelligence (AI) can be an incredible tool to drive efficiencies and aid in human decision making, especially when presented with an overwhelming amount of data and variables. It’s important to note that AI can only make decisions based on the information it is given. So if the input is only known threats, the AI is unable to provide information on unknown threats. That’s why our Analytics Core is comprised of Unsupervised Machine Learning. Unsupervised Machine Learning is the only way to identify unknown threats. Implementing a concept we refer to as Analytic Pluralism, our extensible, pluralistic core simultaneously runs dozens of unique analytics against your data, identifying anomalies that may be representative of threats or hygiene issues and passing those anomalies to Janus, our AI. No rules or signatures, just the most advanced set of machine learning. INTELLIGENCE ENGINE The Intelligence Engine gathers, distills and organizes intelligence and information from multiple sources, including information from raw logs about your environment, threat intelligence feeds, security analysts, third-party sources, and open source data. Janus uses this information to learn your environment and adapt to the threat landscape, making decisions about whether or not something is malicious, and then providing context with the alert to assist with rapid investigation. MANAGED SOC Security is about more than just intelligence; it’s about action. Our Managed SOC reviews all results, flagging any urgent alerts and ensuring your team has the context needed to take immediate action. Guided investigation services are built into our User Interface (UI), providing simple and integrated direct access to our Cyber Experts, if needed, who can work with your team to investigate flagged anomalies. DELIVERED AS A SERVICE The nLighten platform brings together best of class technology from across big data, AI, analytics and cloud. It can be an expensive and resource-intensive project for any organization to undertake on their own, costing tens of millions of dollars just for R&D, let alone the cost and complexity of deploying and managing a production environment that spans so many disciplines. This is why Cybraics offers the entire platform as a monthly recurring service; we can provide the most sophisticated security analytics and AI services available for a fraction of the cost to you, and scale to meet your organizations size and sophistication level.

Manage Your Attack Surface

The CyCognito platform helps you identify all of the attacker-exposed assets in your IT ecosystem for a complete view of your attack surface. With its comprehensive global botnet, the CyCognito platform uniquely reveals unknown and unmanaged assets associated with your organization – including those in cloud, partner and subsidiary environments – that are critical to your cybersecurity risk management. In fact, CyCognito helps organizations identify 30 to 300% more assets than they knew existed prior to using the CyCognito platform.

Prioritize and Eliminate Attack Vectors

The CyCognito platform helps you eliminate critical attack vectors with a continuously updated and prioritized view of your attacker-exposed IT ecosystem. You and your security team can use the CyCognito platform to pinpoint critical risks just as attackers do. Organizations that still have to perform legacy external testing to meet customer agreements or compliance regulations use the CyCognito platform to augment and optimize those processes by focusing the legacy tests on the areas of greatest risk that the CyCognito platform has identified.

Monitor Subsidiary Risk

The CyCognito platform gives you immediate visibility of the security posture of your subsidiaries and organizations you are evaluating for merger or acquisition. It identifies their attack surfaces and the effectiveness of their security controls, without requiring any deployment or configuration.

Global Bot Network

CyCognito’s Global Bot Network uses attacker-like reconnaissance techniques to scan, discover and fingerprint billions of digital assets all over the world. No input or configuration needed.

Asset Mapping

• Web applications
• Keyword and code fragments
• Logos and icons
• Deployed software
• TLS configuration
• IP ranges

Multi-Vector Attack Simulator

Using CyCognito’s proprietary risk-detection methods, the attack simulator identifies risks per asset and discovers potential attack vectors. It doesn’t affect business operations and works without deployment, configuration or whitelisting.

SECURITY MODULES

Public Techniques:

• Vulnerability assessment

• Encryption analysis

Proprietary Techniques:

• Authentication testing

• Misconfiguration detection

• Network design analysis

• Data exposure detection

• Code injection risks

Protecting Your Organization from Shadow Risk

Explore the different ways CyCognito helps take your cybersecurity risk out of the dark.

• Completely External

Operates externally and continuously in the cloud, with no impact on business continuity.

• Configuration Free

No need for software deployment, integration or configuration. It just works immediately, out of the box.

• Runs Automatically

Works independently across your organization’s environment, without affecting operations.

The CyOPs Platform utilizes CyberSponse’s patented technological process to fill the gap between automation-only and human dependent security organizations, while also facilitating cross-functional collaboration. Integrate your SOCs entire security stack behind a single pane of glass with unlimited daily actions, fortifying your data and maximizing ROI.

Incident Management

Distinguishing Real Threats From Endless Alerts

Real threats are often overlooked, largely as a result of the copious amount of alert notifications that accumulate daily. CyOPs Automated Intelligent Triaging enables Security Analysts to efficiently uncover these important alerts, prioritizing them based on severity, asset, intelligence, and frequency. To investigate alerts more efficiently, it’s very important to be able to understand and review data in a consumable manner. CyOPs Case Management solution understands the need to manage data effectively and provides options to:

• Manage Alert and Incident Listings in a filter-able grid view
• Ability to add mini-dashboards on each grid to gain visibility into the bigger picture and understand trends
• Ability to define new modules, unlike any other SOAR offering- with customization of modules such as fields, views, and permissions
• Visual layout editor to define custom views, data models, fields, and grids

CyOPs for MSSPs

Integrate All Your Security Tools

Enterprise-level SOCs leverage a multitude of products and tools to effectively resolve incidents and fulfill compliance requirements.  CyOPs caters to our clients’ specific environment needs due to the customizability of product, which results in greater efficiency, eliminated alert fatigue, and maximizes their ROI. The CyOPs Integrations Repository has over 280 available integrations, enabling users to automate their entire security stack behind a single pane of glass.
A unified console built on the only enterprise multi-tenancy architecture.

• Obtain a complete overview of all your customers (tenants) in a single unified CyOPs master console.
• Filter views by customers, to understand the customer’s current state
• Assign and adhere to the Roles and Permissions assigned to each tenant
• Create customer specific alert and incident views
• Robust and scalable architecture for load-balancing usage

Role Based Custom Dashboards

Insight From Multiple Perspectives

CyOPs offers customers enterprise dashboards enabling better decision making.

• Choose from multiple canned dashboards from multiple perspectives
• Export and import dashboard templates
• Export dashboard views as PDFs

Full Role-Based Access Control

• Assign multiple roles to each dashboard to control visibility across the team.
• Ability to assign roles and permissions to dashboard templates
• Ability to make selected dashboards as default for all system users
• Ability to create user-specific dashboards and reports

Reporting

Library of Out-of-the-box Reports

• Leverage the CyOPs Report Library for a quick start with many commonly used reports
• Use ready-made reports like Incident Closures, Alert Closures, IOC Summaries etc.
• CyOPs Support Portal using Report Import functionality
• Customize out-of-the-box reports for organization-specific metrics
• Export Reports in CSV & PDF Formats

Queue Management

Create Dedicated Queues

Leverage the built-in CyOPs Queue Management to handle automatic work assignments across multiple queues and teams

• Create multiple queues across multiple teams
• Add multiple team members to each Queue
• Define logical rules for auto assignments to a specific member or team
• Option to add work tasks manually to any queue

Manage SOC Shift Change With Ease

Streamline SOC Team Onboarding & Management

CyOPs™ enables new SOC team members to start making an impact right away due to its ease of use and ability to retain information from previous employees. Standardized trackable and repeatable processes result in a more efficient onboarding plan for new SOC team members. Create standard automated response processes using the most versatile enterprise drag-and-drop CyOPs Playbook builder that not only retains team knowledge but also shortens incident response times. Maximize your team and security stack with CyOPs™ automation.

• SOCs that work in multiple shifts perfects shift changeovers with ease
• Create multiple queues for different shifts
• Define rules for assigning alerts and incidents based on the timezone
• Obtain snapshots of a shift’s queue to better understand task status
• Option to add manual tasks to any queue or team member

Being able to identify all the types of issues and events, including custom code and SoD violations, ERPScan provides unparalleled vulnerability management capabilities. With the help of carefully designed machine learning features, it can analyze huge amounts of log data, which go beyond human capacity, to detect cyberattacks and anomalous user behavior. ERPScan Smart Cybersecurity Platform is equipped with a set of modules that encompasses all the main areas of enterprise security outlined in the Gartner PPDR and SAP Cybersecurity Framework. Each of the modules is designed to fit the specific needs of different roles. Moreover, the new interface of the platform makes them easier to be worked with and enhances the overall efficiency of security practices.

Detect    

• Collect all the logs generated in your SAP system
• Detect 0-day and 1-day attacks with the help of machine learning
• Analyze user behavior and detect anomalies

Assess    

• Understand your assets
• Schedule security checks
• Identify vulnerabilities, misconfigurations, customization issues, and SoD violations

Monitor    

• Check compliance
• Monitor all connections between systems with the Threat Map
• Review security posture with high-level role-tailored dashboards
• Get all the necessary security information with the help of the search engine

Prevent    

• Automate code correction
• Generate virtual patches on the fly
• Export 0-day signatures to IDS/IPS system

Respond    

• Track changes between scans
• Receive notifications
• Create incidents in external Incident and Task Management systems

Key benefits:

• Perform industry-specific checks
• Cover all areas of SAP security
• Report on the security posture to the management
• Save time and reduce the costs of compliance
• Simplify vulnerability management

Faraday was made to let you take advantage of the available tools in the community in a truly multiuser way. Designed for simplicity, users should notice no difference between their own terminal application and the one included in Faraday. Developed with a specialized set of functionalities, users improve their own work. Do you remember the last time you programmed without an IDE? What IDEs are to programming, Faraday is to pentesting.

Plugins

You feed data to Faraday from your favorite tools through Plugins. Right now there are more than 70+ supported tools. There are three Plugin types: console plugins which intercept and interpret the output of the tools you execute, report plugins which allows you to import previously generated XMLs, and online plugins which access Faraday's API or allow Faraday to connect to external APIs and databases. Supporting output from +70 tools, Faraday Platform centralizes all your efforts and gives sense to your main objectives. Providing powerful Automation Technology, it helps you reduce your findings’ life cycle by prioritizing actions and decreasing the exposure time of your assets, promoting collaboration by allowing big and small groups of people to work together. Plus, get deep insight on all your projects with just a couple clicks.

Key features

Custom Implementation. No infrastructure changes needed: implement Faraday On-prem, Cloud or Hybrid without network changes. Flexible Integrations. Import output or results from 3rd party tools and synchronize your ticketing systems (JIRA, ServiceNow) and security enhancements (2FA, LDAP) Workflows. Implement custom events by triggering actions or vulns' content in real time Deduplicate Vulns. Faraday's Global Vuln KB allows you to customize descriptions and apply them accordingly. Agents. Define and execute your own actions from different sources and automatically import outputs into your repository. Scheduler. Automate repetitive Agents' actions and check results on your Dashboard. Graphics. Get a visual representation of all your findings with just one click. Faraday Client. Solution’s  shell allows you to upload results while pentesting actively. Methodology and Tasks. Setup your own strategy, assign tasks to users for each phase and easily follow them up.

Choose the plan that best: fits your needs

Community Faraday supports the InfoSec Community around the globe by offering a free open source version that improves on daily workflows

• Feed data to Faraday from your favorite tools
• Divide projects by your own rules
• Customize your instance

Professional Designed for small pentester teamwork. Integrate and report main data generated during a security audit.

• Easily identify and sort your database
  Craft and export projects using your own templates
  Plan ahead and keep track of your goals

Corporate Operate large volumes of data and save time with the Automation Technology, reducing your findings’ life cycle

• Prioritize actions, decreasing exposure time for your assets
• Adapt strategies to customize every phase of your projects
• Integrate everything!

As the creators of the original SaaS security platform – well before cloud security services became all the rage, and long before competitive companies saw the light – Digital Defense continues to set the standard for the delivery of SaaS solutions and services. The Frontline.Cloud security Software as a Service (SaaS) platform supports multiple systems including Frontline Vulnerability Manager™ (Frontline VM™), Frontline Pen Testing™ (Frontline Pen Test™), Frontline Web Application Scanning™ (Frontline WAS™) and a new offering, Frontline Active Threat Sweep (Frontline ATS™). Frontline.Cloud, is hosted on Amazon Web Services (AWS) and incorporates Digital Defense’s patented and proprietary technology. The platform, already industry recognized for ease of use and rapid deployment, now offers organizations significant administration efficiencies for assessing premise-based, cloud, or hybrid network implementations through AWS hosting. The Frontline.Cloud platform delivers high quality results and includes unified management and comprehensive reporting. Extensive application programming interfaces are also available, enabling tight integration with 3rd party cloud and/or premise-based systems resulting in effective automation of security operations.

The Frontline.Cloud™ Systems

Frontline Vulnerability Manager (Frontline VM) is the industry’s most comprehensive, accurate, and easy to use VM platform – bar none. Frontline VM comprehensively identifies and evaluates the security and business risk postures of network devices and applications deployed as premise, cloud, or hybrid network-based implementations. Now residing entirely in Amazon Web Services (AWS), Frontline VM easily addresses the security compliance requirements of organizations around the globe. Competitors’ vulnerability management software solutions may have, in fact, reached “commodity” stature – being milked for cash at the expense of continued R&D investment. Nothing could be further from the truth for Frontline VM.  Frontline Active Threat Sweep (Frontline ATS), an agentless system, enhances your existing defense-in-depth coverage by uncovering gaps in your present endpoint protection, active threats and indicators of compromise. Digital Defense’s Frontline Active Threat Sweep™ (Frontline ATS™) complements your existing endpoint protection technologies providing an agentless, easy to deploy method to quickly and reliably analyze assets for active threat activity and indications of compromise. Enhance your existing defense-in-depth coverage by uncovering gaps in your existing protection. Pinpoint which assets have no endpoint protection installed or that are out-of-sync and out-of-date leaving one or more assets at risk. Frontline ATS enables organizations interested in threat hunting to deploy a threat detection capability on top of Digital Defense’s proprietary technology architecture that is lightweight and effective, to gain instant visibility into assets that demonstrate indications of compromise. Frontline Web Application Scanning (Frontline WAS) has been developed to provide the highest level of dynamic web application testing results through a system that is easily deployed and maintained. Frontline Web Application Scanning™ (Frontline WAS™), a Frontline.Cloud SaaS security system, is housed in Amazon Web Services and has been developed to provide the highest level of dynamic web application testing results through a system that is easily deployed and maintained. Enjoy the benefits of a technology you can trust to deliver unparalleled accuracy with minimal consumption of resources. Underpinned by DDI NIRV™, Digital Defense’s patented scanning technology, Frontline WAS overcomes frustrations experienced by security professionals such as the lack of accurate results and complexity found in deploying other web application scanning tools.

• Easy deployment and configuration
• High level dashboards at the scan level and a per web application to easily expose overall security postures at various levels
• “Blind Spot” coverage commonly missed by other web application assessment technologies
• Prioritization of the most critical vulnerabilities, saving organizations valuable resources through targeted remediation efforts
• Tracking of and trending on new, recurred and fixed vulnerabilities
• Intuitive results navigationActive View – web application scan data management across all web application scan activities
• Robust filtering – providing the data and views you want instantly
• Dynamic reporting / visualization including OWASP Top 10
• Frontline Security GPA® trending that offers a dynamic view of your security posture
• Ability to compare Frontline VM and WAS Asset Ratings automatically, with no manual intervention required

Patch management: Fix vulnerabilities before an attack

Patch management is vital to your business. Network security breaches are most commonly caused by missing network patches. GFI LanGuard scans and detects network vulnerabilities before they are exposed, reducing the time required to patch machines on your network. GFI LanGuard patches Microsoft ®, Mac® OS X®, Linux® and more than 60 third-party applications, and deploys both security and non-security patches.

 Network auditing: Analyze your network centrally

GFI LanGuard provides a detailed analysis of the state of your network. This includes applications or default configurations posing a security risk. GFI LanGuard also gives you a complete picture of installed applications; hardware on your network; mobile devices that connect to the Exchange servers; the state of security applications (antivirus, anti-spam, firewalls, etc.); open ports; and any existing shares and services running on your machines.

Vulnerability assessment: Discover security threats early

More than 60,000 vulnerability assessments are carried out across your networks, including virtual environments, mobile and network devices. GFI LanGuard scans your operating systems, virtual environments and installed applications through vulnerability check databases such as OVAL and SANS Top 20. GFI LanGuard enables you to analyze the state of your network security, identify risks and address how to take action before it is compromised.

• Patch management across multiple operating systems. GFI LanGuard is compatible with Microsoft®, Mac OS X® and Linux®, operating systems, as well as many third-party applications. Scan your network automatically or on demand. Auto-download missing patches or roll-back patches.

• Integrates with third-party security app. GFI LanGuard integrates with more than 4,000 critical security applications, including: antivirus, anti-spyware, firewall, anti-phishing, backup client, VPN client, URL filtering, patch management, web browser, instant messaging, peer-to-peer, disk encryption, data loss prevention and device access control. It provides status reports and lists of instant messaging or peer-to-peer applications installed on your network. It also rectifies any issues that require attention such as triggering antivirus or anti-spyware updates.

• Know what’s happening on your network. GFI LanGuard's network auditing gives you a comprehensive view of your network – including connected USB devices smartphones and tablets, as well as installed software, open shares, open ports, weak passwords and any hardware information. Secure your network by closing ports, deleting obsolete users or disabling wireless access points.

• Network and software auditing. Security audits. The interactive dashboard provides a summary of the current network security status and a history of all relevant changes in the network over time. Drill down through information, from network-wide security sensors to individual security scan results.

• Manage reporting. Reports can be exported to popular formats like PDF, HTML, XLS, XLSX, RTF and CSV, and can be scheduled and sent by email. They can also be used as a template to create new custom reports and are fully re-brandable.

• Run agent-less or agent-based modes. GFI LanGuard can be configured to run in agent-less or agent-based mode. Agent technology enables automated network security audits and distributes the scanning load across client machines.