NTOEnterprise provides a global view of your application security program. It gives you the data you need to assess if your application security posture is improving or not. NTOEnterprise enables you to manage an enterprise application security program. It can be delivered as software and used with NTOSpider or used via SaaS with NTOSpider On-Demand.
NTOEnterprise gives you centralized control and automation over all aspects of your enterprise web application scanning including scan configuration, scheduling and monitoring.
Users can leverage NTOSpider On-Demand’s continuous scanning feature that checks web applications to see if they have changed and then rescans them. Security teams no longer have to worry that an undocumented application change has created an unknown exposure.
NTOEnterprise quickly scales to address your needs whether you have hundreds or thousands of applications. Not only does NTOSpider On-Demand have the ability to run an unlimited number of simultaneous scans, but it is also able to automatically create new scan engines to handle increased workloads.
Define and view applications by any attributes your organization needs to use through meta-tags. Tags provide the ability to view applications by grouping including: business unit, business risk/criticality, by owner, by location or any other grouping that helps you organize your applications.
Allows your organization to have complete understanding and control of the vulnerability scans and management. Leverage defined tagging combined with custom reports to provide a graphical view of the enterprise security posture across all enterprise applications to determine trends and status of the application security program.
Users can quickly find the scans they are looking for by server name, scheduled time of scan, etc. Through the easy-to-use list of scans configured in the system, you can see and manage the entire list of completed scans, search by scan configuration, start time, finish time or configuration name. Users can define their own meta data that they want to use to manage scans.
Centralized dashboard provides a consolidated view of web application scans that enables you to:
New asset tags facilitate flexible custom reporting and a graphical view of the security posture across all enterprise applications. Organizations can define (customize) their own tags to view applications and vulnerabilities from different vantage points. Organizations can tag by location, team or business functionality such as which applications store credit card data or Personally Identifiable Information (PII). In addition, organizations can define trending data to show vulnerability trends over time.
Custom report generators allow users to define filters to quickly find and analyze vulnerability information from their scans. The custom reports and charts provide the excellent report and presentation data for management including:
Users interact with NTOEnterprise to initiate, schedule and configure application scans through a simple user interface. Scans can be scheduled to run at regular monthly or quarterly intervals to provide ongoing monitoring of the organization’s application security issues. The enhanced interface enables users to easily configure application scans and review in-progress scans, recent scans, scheduled scans and configuration settings.
NTOEnterprise is now capable of creating tickets for each discovered vulnerability in popular issue management systems. Supported systems: RSA Archer, HP Quality Center, and Atlassian’s JIRA.