Nmap is a popular and versatile tool for port scanning, network discovery, and security auditing, but its scan results can be complex to interpret. Vulnerability remediation platform maker Vicarius wants to change that. It began offering Wednesday a free tool—Nmap Scan Analysis—that security professionals, IT administrators and pentesters can use to get a comprehensive visualization of Nmap scan data.
Nmap users can use the tool to import an XML file of their scan results into the company’s TOPIA dashboard, where the data is analyzed and subsequently displayed in a clear and visually coherent way that includes open ports, services, operating systems, and detected CVEs.
“Our tool makes Nmap easier to work with,” Vicarius CEO Michael Assraf says in an interview. “It offers a visual alternative to an XML report or terminal output, which a lot of people have a hard time working with. Cybersecurity shouldn’t be so complex,” he adds. “It should be easy. It should be accessible. You shouldn’t need years of experience in pentesting and vulnerability assessment in order to figure out where you’re vulnerable.”
VicariusNmap scan initiated from terminal with output before TOPIA analysis
VicariusNmap scan initiated from terminal with output after TOPIA analysis
Influx of new vulnerabilities
Nmap Scan Analysis can help security professionals identify high-risk assets and understand where they are vulnerable. Devices that are typically not covered with traditional agent-based vulnerability assessment tools, such as printers and routers, can be key entry points for malicious actors. The tool illuminates those problem areas so system administrators can respond quickly.
“With the constant influx of new vulnerabilities, it’s almost impossible to stay on top of our assessments and understand where we are vulnerable,” Charles Camello, head of infrastructure and cybersecurity at Soprano, a mobile messaging software company, said in a statement. Nmap Scan Analysis “augments our capability to identify vulnerabilities in internal and unmanaged assets. Before, we didn’t have this type of intelligence, insight, and analysis. This tool has significantly improved our security posture.”
Assets on decentralized networks and work-from-home offices
Nmap Scan Analysis can also help network administrators simplify the newfound complexities of managing decentralized assets, remote environments, and IoT devices. “Decentralized networks and working-from-home have made it more difficult to gain a thorough understanding of the assets in a network,” Alejandro Zamarripa Treviño, an information security analyst with Farmacias Benavides, a Mexican drugstore chain, said in a statement. “With the rich Nmap visualization provided by Vicarius, we have eliminated the lack of coverage and feel more confident that we have our entire network under control.”
The Vicarius tool also allows users to see the details of what has changed in their network from scan-to-scan. It stores all historical scans so security teams can reliably find, analyze, and resolve asset discrepancies in their network.
Nmap scripts on GitHub
Vicarius is also making its Nmap scripts publicly available on its GitHub repository. Its engineers will push code updates and new features directly to the open-source project, so new enhancements will be available on a continual basis. With this community contribution, Nmap users can expect to receive better precision, dynamically updated CVE content, and daily CVE updates.
“The results a customer will get—even if they are not running our scripts—will be more updated because they will have the most up to date CVE files,” says Assraf. “The Nmap community is good, and it’s nice that people are contributing, but with a commercial company contributing, things become much more professional.”
Copyright © 2022 IDG Communications, Inc.
