Actu
NT OBJECTives Releases New NTOEnterprise for Web Application Vulnerability Program Management
June 2012 by Marc Jacob
NT OBJECTives, a provider of automated, comprehensive and accurate web application security software, services and SaaS, today announced the availability of NTOEnterprise 2.0 which enables organizations to plan, manage, control and measure thousands of web application scans and also assess and prioritize areas of greatest risk across the enterprise.
NTOEnterprise features a consolidated graphical view of the enterprise security posture across all enterprise applications, allowing security professionals to easily determine vulnerability and application behavior trends, along with the overall status of the application security program. The new version includes data tagging capabilities that enable security teams to view applications by any user-defined criteria such as business unit, business risk, criticality, owner, location or any other grouping that can help security professionals organize applications. Security professionals now also have the ability to quickly navigate scan plans and configurations through flexible search functionality based on domain names, scan times and custom tagging.
NTOEnterprise enables customers to:
· Scale application security programs to handle simultaneous scans
· Centralize management and control of scan configurations, schedules and permissions
· Share information beyond security teams to developers, QA teams and executives
· Demonstrate compliance with regulatory and organizational security policies
NTOEnterprise 2.0 enhancements include:
Centralized Management Console
The new centralized dashboard provides a consolidated view of web application scans that includes:
· Active vulnerabilities by vulnerability type
· Six month vulnerability trending chart
· Recent completed scans
· Scans in progress
Enterprise Scan Management
The enhanced user interface improves users’ ability to initiate, schedule and configure application scans through. The consolidated interface enables users to quickly view in-progress, recent and scheduled scans. Scans can be scheduled to run at regular monthly or quarterly intervals to provide ongoing monitoring of application security issues.
Blackout Management
Users have an improved ability to define when scans can’t happen and when they can with improved blackout functionality. Only administrators can define blackout periods and the defined blackouts trump scheduled scanning so users can feel confident that business operations won’t be impacted.
Asset Tagging
New asset tags facilitate flexible custom reporting and a graphical view of the security posture across all enterprise applications. Organizations can define (customize) their own tags to view applications and vulnerabilities from different vantage points. Organizations can tag by location, team or business functionality such as which applications store credit card data or Personally Identifiable Information (PII). In addition, organizations can define trending data to show vulnerability trends over time.
Custom & Graphical Report Generation
New custom report generators allow users to define filters to quickly find and analyze vulnerability information from their scans. The custom reports and charts provide fantastic presentation data for management.
Test Management Software Integration
NTOEnterprise is now capable of creating tickets for each discovered vulnerability in popular issue management systems. Supported systems: RSA Archer, HP Quality Center and Atlassian’s JIRA.
Infrastructure & Performance
NTOEnterprise’s back-end infrastructure has been enhanced to optimize user experience and performance. The new installation model enables organizations to implement tighter security controls to each component.
