Titania – Nipper
Photo Gallery
 |
Titania - Nipper
Additional Info
| Company | Titania |
| Website | titania.com |
| Company size (employees) | 50 to 99 |
| Headquarters Region | Europe |
Overview
In such a rapidly changing threat environment, demand for risk-based vulnerability management is higher than ever. Recent research by Omdia found that 70% of organizations have increased their investments in security solutions.
Introducing Nipper…
For more than a decade, elite cyber teams have relied on Titania’s accurate network configuration assessment software, Nipper, to determine whether their routers, switches and firewalls leave their networks open to attack due to misconfigurations and exploitable vulnerabilities. Nipper helps organizations close these security gaps by automatically prioritizing risks by criticality, allowing users to view vulnerabilities through their chosen compliance and security policy lenses, and providing insights and advice that are proven to accelerate the mean time to remediate. Nipper’s pass/fail compliance evidence also accelerates vulnerability assessment reporting, making it the tool of choice for many assessors.
Key Capabilities / Features
Providing complementary analysis to server centric vulnerability management solutions, auditors and assessors choose Nipper to deliver the level of detailed network risk assessments required to assess zero trust readiness using existing hardening standards, network segmentation rules and settings, and compliance with control standards and RMFs.
Nipper analyses configurations with the precision of a pentester, providing advanced network contextualization that suppresses irrelevant findings to reduce security audit and compliance assessment times by up to 80% when compared to other automated approaches.
Providing specific information about the tests performed, Nipper checks whether each configuration passes or fails to comply with the assessors chosen RMF control or security standards, including DISA RMF, NIST SP 800-53/171, STIG, CMMC and PCI DSS 4.0.
The solution prioritizes findings by compliance risk, visualizing the significance of them according to CVSS, STIG, Cisco SIR, and its own trusted risk criticality rating systems. Device-specific guidance on how to fix any misconfigurations, including command line scripts in some cases, is provided to decrease the mean time to remediate risks and inform POAMs.
How we are different
The method of assessment sets Nipper apart from its competitors. Where vulnerability scanners probe devices over the network, Nipper analyses the running configuration of the device. By virtually modelling the device configuration, Nipper analyses configurations as a single entity to consider interdependencies and suppress irrelevant findings. As a result, the findings reports are proven to offer unrivalled levels of accuracy which saves customers thousands of labour hours, and provide the granular detail needed to evidence compliance and/or provide remediation advice for detected vulnerabilities
Nipper is a downloadable application which is installed on a local machine, enabling deployment in air-gapped environments and offline networks. According to Gartner, Nipper solutions are also the only offline configuration review tools enabling auditing of air-gapped networks, which is vital for defence agencies.
One customer in the Consumer Goods industry ($500m - $1bn) commented: “Titania Nipper is one of the most in depth and accurate tools we have used. The precision of detecting threats and vulnerabilities is unmatched, no longer do we have a bunch of false positives to isolate.”
