Titania
Titania founded in 2009 specialize in developing commercial software packages to enable organisations, auditors and consultants to undertake their own security auditing and testing in a fraction of the time it would take to manually undertake these tests and at a fraction of the cost. Titania flagship product is Nipper which Titania sell to great acclaim all over the world. Titania is the market leader on the network device and security device security audit and assessment market.
Head Office in the UK are one of the leading and fastest growing software companies. Titania solutions being adopted and maintain on many leading telecommunication companies, government departments, large corporate companies, IT Security companies and more.
E-SPIN and Titania
E-SPIN have actively in promoting Titania Nipper Studio full range of products and technologies as part of the company Vulnerability Management solution portfolio - for network device security audit testing and reporting and Security Management solution portfolio - for security and risk compliance audit and configuration check/reporting. E-SPIN is active in provide consulting, supplying, training and maintaining Titania products for the enterprise, government and military customers (or distribute and resell as part of the complete package) on the region E-SPIN do business. The enterprise range from university to listed corporation IT security professionals on the vulnerability assessment, security audit, or IT security company on the security operation center (SOC) for configuration security check and audit for security risk compliance or cyber security / cyber warfare / military security defense applications and infrastructure network audit.
Please feel free to contact E-SPIN for your inquiry and requirement, so we can assist you on the exact requirement in the packaged solutions that you may required for your operation or project needs.
Nipper Studio
Quickly identifies undiscovered vulnerabilities, so you can stay secure, harden your networks and prevent attacks in minutes.
Configuration Reporting
Discover misconfigured systems and firewall, switch and router vulnerabilities, effortlessly and without mass network traffic.
Includes Mitigation
Nipper Studio’s reports include manufacturer specific, mitigation advice and fixes. Meet your security targets faster and become compliant now.
Continual Monitoring
Secure configurations are essential, but build reviews take time. Automate with Nipper Studio and spend time fixing not finding!
Overview
Security that keeps you steps ahead
Harden your network infrastructure before attacks happen
Nipper Studio was the 1st advanced and detailed configuration auditing tool in the world. It is the configuration auditing tool of choice, for enterprise clients in 80 countries.
It helps you harden and secure vital network devices, such as Firewalls, Switches and Routers.
- Detailed configuration reporting, gives quick, clear views of device settings.
- Scriptable for 24/7 vulnerability alerts, 365 days a year.
- Enhances enterprise scanning systems & removes accuracy concerns.
- Audits against industry standards such as CIS, STIG & NIST benchmarks.
- Our “Best Practice” security audits (combining multiple industry checks).
- Rating systems and mitigation advice, helps you prioritize and plan fixes.
- Automated configuration auditing is comprehensive, fast and efficient.
- Audit systems in less time, without mass network traffic generation.
- Simple to use. No lengthy implementation investment or roll-out required.
- Agentless. No additional software or systems to install or maintain.
- Audit offline, online, physical, virtual and isolated systems.
- Tools can be scheduled, scripted and work on multiple platforms.
- Integrates easily with existing systems.
- Easily customize settings to suit your own policies.
- Data outputs can be included into your current solutions.
The result?
Nipper Studio is a quick to implement, efficient and scalable tool, that users love. Perform a build review on your firewall, switch or router configurations – discover new vulnerabilities (that others might find) & harden your networks, today.
Reporting
Nipper Studio has a wealth of different report options to fit your auditing needs.
Whether you are striving to become compliant with an industry standard or to your own security targets, Nipper Studio’s reports can help you achieve your goal quickly and easily.
Perform a "best practice" security audit (combining multiple industry checks). Use rating systems and mitigation advice to prioritize and plan your fixes.
Detailed configuration reporting, including information such as: filtering, routing protocols, administration services & more. This report offers a quick, clear view of your device settings.
Audit against global public vulnerability repositories such as the:
US Govt NVD (National Vulnerability Database) & the NIST CVE (Common Vulnerability and Exposures) databases. Security issues in the public domain are even easier to exploit, this report helps you quickly find and plug these holes.
The CIS (Center for Internet Security) benchmark reports, can be run against Cisco ASA & Cisco IOS Devices. These reports have been externally certified by CIS and verified as auditing against their baseline.
PCI (Payment Card Industry) audits, perform the automatable system checks and support integrating this verified data with non-automatable policy checks. Results offer detailed advice, verifying passes and explaining failures, so you can quickly become compliant.
U.S. Military STIG compliance audit developed in conjunction with DoD IA user groups. Nipper Studio is favored by many Government and Defense agencies because reports are detailed, verifiable and include remediation in line with STIG baselines. Reports can be generated offline for secure environments and scaled up to audit any number of devices.
A compliance audit against the SANS policy documents. The SANS institute is a trusted industry body which also trains information security professionals. Their policy is a great compliance benchmark to audit against in order to assess your security level.
Requirements
Comparison
What is the Difference Between Nipper Studio and Scanning Based Solutions?
It’s as simple as this. Vulnerability scanning tools mimic an attack by bombarding your device from the outside, trying to find a gap in your defenses.
Nipper Studio looks at the configuration of the actual device you are protecting. Being on the inside means that it can see all potential weaknesses, whether a scanner has located it or not. This typically offers you a much more detailed report and stops network vulnerabilities being left unmanaged.
Using the two technologies in conjunction with each other will give you a much higher level of security than scanning tools alone. The table below highlights some of the differences:
Devices
Paws Studio
Security & Compliance Auditing Software for Network Devices, Workstations, Servers & Laptops
Operating System Reporting
Paws Studio alerts you to misconfigured systems and security risks on Windows, Mac and Linux.
It runs natively, is agentless and can be used both offline and in the cloud.
Compliance Made Easy
Paws Studio includes multiple leading security and compliance standards – you can also create your own to defend against the latest zero day threats! – Test your compliance
Continual Monitoring
Securing your endpoints is essential - it’s also a time consuming, thankless task (which means it sometimes gets missed).
Free up your experts – Automate it
Overview
Security that keeps you steps ahead
Harden your workstations and servers before attacks happen
Paws Studio is the most comprehensive security auditing tool in the world. It is the tool of choice, trusted by businesses, organisations and governments. Quickly secure vital network devices, such as workstations, laptops and servers.
- Detailed operating system reporting, gives quick, clear views of device set-up, software and running status.
- Identify O/S vulnerabilities, you might otherwise miss.
- Enhances enterprise scanning systems & removes accuracy concerns.
- Audits against industry standards such as Cyber Essentials, CIS, STIG & NERC.
- Or use the “Policy Editor” to create your own audits (e.g. combine multiple industry checks).
- Mitigation advice, helps you prioritize and plan fixes.
- Customized security and compliance reports, delivered in seconds.
- Audit systems in less time, without mass network traffic generation.
- Simple to use. No lengthy implementation investment or roll-out required.
- Agentless. No additional software or systems to install or maintain.
- Audit offline, online, physical, virtual and isolated systems.
- Tools can be scheduled, scripted and work on multiple platforms.
- Integrates easily with existing systems.
- Easily customize settings to suit your own policies.
- Data outputs can be included into your current solutions.
The result?
Paws Studio is a quick to implement, efficient and scalable tool, that users love. Review your workstation and server – discover new security vulnerabilities (that others might find) & harden your networks, today.
Fully scalable licensing from SME's to enterprise
Reporting
Paws Studio helps you achieve your compliance & security goals quickly and easily.
Check compliance against the most trusted information security standards in the world or use custom reporting options to create, comply and maintain your own policies.
Paws Studio Policy Editor lets you quickly create your own security audits from scratch (or by editing pre-defined polices). Customized reports can be generated in seconds. Less time auditing, more time securing your systems.
A detailed report showing your machine configuration. This report gives you a quick and clear view of your current device settings.
The CIS (Center for Internet Security) benchmarks are a set of consensus-based security configuration guides that are gaining an important role in shaping policies and decisions. Developed and accepted by government, industry and academia, the CIS standards now encompass compliance requirements of other industry policies such as FISMA, PCI, HIPAA and more. Paws Studio can audit your devices in line with the CIS baseline and produce reports externally certified by CIS.
The purpose of the United States Government Configuration Baseline (USGCB) initiative is to create security configuration baselines for Information Technology products widely deployed across the federal agencies. The USGCB baseline evolved from the Federal Desktop Core Configuration mandate. The USGCB is a Federal government-wide initiative that provides guidance to agencies on what should be done to improve and maintain an effective configuration settings focusing primarily on security.
Detailed system reporting against the U.S. Military DISA STIG Checklists. Paws Studio is favoured by many Government and Defence agencies because reports can be generated securely offline and scaled up to audit any number of devices.
This is an audit against the Payment Card Industry policy. If you need to comply with this standard, the report will quickly complete the automatable checks, explain where and why you have passed or failed and offer advice to help you become compliant.
The Defence Cyber Protection Partnership (DCPP) is a joint MOD/Industry initiative that was established in 2013. The DCPP is tasked with improving the protection of the defence supply chain from the cyber threat. Alongside MOD, the DCPP is made up of; 13 defence primes; 2 trade associations ADS (Aerospace, Defence and Security) and techUK representing small and medium sized enterprises (SMEs); the Department for Culture, Media and Sport; the Communications Electronics Security Group (CESG) and the Centre for the Protection of National Infrastructure (CPNI).
The U.S. National Security Agency (NSA) security guidelines are trusted all over the world as an authority on information security. With input from many security experts, this offers useful insights into system configuration vulnerabilities.
Improve security in three key areas: system information, specific machine states and assessment reporting. OVAL information assurance metrics include data on publicly available security issues (often targeted by cyber-criminals). This report helps you quickly find and plug these holes.
The SANS institute is a trusted industry body and provider of training for security professionals. Their policy is used all over the world as a security benchmark, why not use this report to see how your defenses stack up?
The NERC standard provides requirements for Critical National Infrastructure Protection (CIP). This standard is mandatory for CIP providers in the U.S.A. and a global benchmark for protecting many critical networks.
Editor
Choose a policy or create your own
Pre-defined policy standards provide useful security baselines, but may not include security for custom systems, or meet all your needs.
- Create custom policies quickly and easily – your systems, your security.
- Save time and simplify. Modify industry standard policies (that you have to comply with) and add your own custom requirements.
- Audit for zero day exploits - as soon as they’re discovered.
Requirements
Devices
