Customizable, Python-Based Vulnerability Rules Now Available in nCircle IP360™

Business Wire
Share
Wednesday, February 20th 2013

New capability expands nCircle’s custom vulnerability rule editing and creation toolset

Advanced

nCircle, the leader in information risk and security performance management solutions, today announced that IP360™ users can now create custom vulnerability detection rules using the well-known Python programming language. The new tools augment nCircle’s existing Advanced Security Profiling Language (ASPL), making it possible to rapidly build targeted, tailored vulnerability assessments for specific business requirements.

Large, complex enterprise networks often include custom and legacy hardware applications. Complete assessment of these applications and devices for security weaknesses is unavailable using commercial scanners. This means that undetected security weaknesses can be exploited by attackers to gain access to critical business information.

nCircle’s new, extensible Python-based custom vulnerability assessment rules allow users to design vulnerability detection for internal applications and legacy hardware, which is considered out-of-scope for most commercial vulnerability scanners. Python-based custom rules allow users to combine advanced programming techniques with various forms of authenticated access, including:

  • Simple Network Management Protocol (SNMP)
  • Windows Server Message Block (file and registry)
  • Windows Management Instrumentation (WMI)
  • Secure Shell (SSH)

Custom Python-based vulnerability assessment rules can also implement detection using proprietary network communication protocols.

“VERT is dedicated to providing the most comprehensive coverage in the industry, but there is no way any one vendor can cover all the custom software and legacy systems present in enterprise networks,” said Lamar Bailey, director of security research and development for nCircle. “Our new Python capabilities make it possible for our customers to create complex detection rules that dramatically extend their network visibility, which is a critical aspect of network security.”

nCircle IP360 users can collaborate with each other and VERT security engineers to share custom Python-based vulnerability assessment rules in a dedicated, online Suite360 user group.

For more information about nCircle IP360 please visit: https://www.ncircle.com/index.php?s=products_ip360.

About nCircle Suite360

Contacts

nCircle
Shelley Boose, 408-398-6987
sboose@ncircle.com

Business Wire logo Copyright (2013) Business Wire.
All Rights Reserved.