Analytics
2/20/2013
03:50 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

nCircle IP360 Utilizes Customizable, Python-Based Vulnerability Rules

New tools augment nCircle’s existing Advance Security Programming Language

SAN FRANCISCO, CA -- February 20, 2013 -- nCircle, the leader in information risk and security performance management solutions, today announced that IP360&trade users can now create custom vulnerability detection rules using the well-known Python programming language. The new tools augment nCircle's existing Advance Security Programming Language (ASPL), making it possible to rapidly build targeted, tailored vulnerability assessments for specific business requirements.

Large, complex enterprise networks often include custom and legacy hardware applications. Complete assessment of these applications and devices for security weaknesses is unavailable using commercial scanners. This means that undetected security weaknesses can be exploited by attackers to gain access to critical business information.

nCircle's new, extensible Python-based custom vulnerability assessment rules allow users to design vulnerability detection for internal applications and legacy hardware, which is considered out-of-scope for most commercial vulnerability scanners. Python-based custom rules allow users to combine advanced programming techniques with various forms of authenticated access, including:

Simple Network Management Protocol (SNMP)

Windows Server Message Block (file and registry)

Windows Management Instrumentation (WMI)

Secure Shell (SSH)

Custom Python-based vulnerability assessment rules can also implement detection using proprietary network communication protocols.

"VERT is dedicated to providing the most comprehensive coverage in the industry, but there is no way any one vendor can cover all the custom software and legacy systems present in enterprise networks," said Lamar Bailey, director of security research and development for nCircle. "Our new Python capabilities make it possible for our customers to create complex detection rules that dramatically extend their network visibility, which is a critical aspect of network security."

nCircle IP360 users can collaborate with each other and VERT security engineers to share custom Python-based vulnerability assessment rules in a dedicated, online Suite360 user group.

For more information about nCircle IP360 please visit: https://www.ncircle.com/index.php?s=products_ip360 .

About nCircle Suite360

nCircle provides the world's most comprehensive suite of solutions for agentless security and configuration auditing for physical and virtual IT environments. nCircle's solutions combine the broadest discovery and deepest assessment of networks and their operating systems, applications, vulnerabilities and configurations with advanced analytics to help enterprises reduce security risk and achieve compliance. nCircle Suite360 is an integrated suite that shares a unified scan engine, common scoring methodologies and centralized reporting and analytics. Suite360 includes IP360&trade for vulnerability management, WebApp360&trade for web application scanning, Configuration Compliance Manager (CCM)&trade for configuration auditing and file integrity monitoring, Certified PCI Scan Service&trade for on-demand self-service PCI scanning and Suite360 Intelligence Hub&trade for IT governance, risk and compliance (ITGRC) reporting and analytics.

About nCircle

nCircle is the leading provider of information risk and security performance management solutions to more than 6,500 businesses and government agencies worldwide. nCircle solutions enable enterprises of all sizes to (1) automate compliance and reduce risk, and (2) measure and compare the performance of their IT security program with their own goals and industry peers. nCircle solutions may be deployed on a customer's premises, as a cloud-based service, or in combination, for maximum flexibility and value.

nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. To learn how you can more effectively protect your company visit us at http://www.ncircle.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-9676
Published: 2015-02-27
The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly execute arbitrary code via a crafted video that triggers a use after free.

CVE-2014-9682
Published: 2015-02-27
The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.

CVE-2015-0655
Published: 2015-02-27
Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184.

CVE-2015-0884
Published: 2015-02-27
Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

CVE-2015-0885
Published: 2015-02-27
checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a -- (dash dash) in a username.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.