nCircle, the leader in information risk and security performance management solutions, today announced that IP360™ users can now create custom vulnerability detection rules using the well-known Python programming language. The new tools augment nCircle’s existing Advanced Security Profiling Language (ASPL), making it possible to rapidly build targeted, tailored vulnerability assessments for specific business requirements.

Large, complex enterprise networks often include custom and legacy hardware applications. Complete assessment of these applications and devices for security weaknesses is unavailable using commercial scanners. This means that undetected security weaknesses can be exploited by attackers to gain access to critical business information.

nCircle’s new, extensible Python-based custom vulnerability assessment rules allow users to design vulnerability detection for internal applications and legacy hardware, which is considered out-of-scope for most commercial vulnerability scanners. Python-based custom rules allow users to combine advanced programming techniques with various forms of authenticated access, including:

• Simple Network Management Protocol (SNMP)
• Windows Server Message Block (file and registry)
• Windows Management Instrumentation (WMI)
• Secure Shell (SSH)

Custom Python-based vulnerability assessment rules can also implement detection using proprietary network communication protocols.

“VERT is dedicated to providing the most comprehensive coverage in the industry, but there is no way any one vendor can cover all the custom software and legacy systems present in enterprise networks,” said Lamar Bailey, director of security research and development for nCircle. “Our new Python capabilities make it possible for our customers to create complex detection rules that dramatically extend their network visibility, which is a critical aspect of network security.”

nCircle IP360 users can collaborate with each other and VERT security engineers to share custom Python-based vulnerability assessment rules in a dedicated, online Suite360 user group.

For more information about nCircle IP360 please visit: https://www.ncircle.com/index.php?s=products_ip360.

About nCircle Suite360

nCircle provides the world's most comprehensive suite of solutions for agentless security and configuration auditing for physical and virtual IT environments. nCircle's solutions combine the broadest discovery and deepest assessment of networks and their operating systems, applications, vulnerabilities and configurations with advanced analytics to help enterprises reduce security risk and achieve compliance. nCircle Suite360 is an integrated suite that shares a unified scan engine, common scoring methodologies and centralized reporting and analytics. Suite360 includes IP360™ for vulnerability management, WebApp360™ for web application scanning, Configuration Compliance Manager (CCM)™ for configuration auditing and file integrity monitoring, Certified PCI Scan Service™ for on-demand self-service PCI scanning and Suite360 Intelligence Hub™ for IT governance, risk and compliance (ITGRC) reporting and analytics.

About nCircle

nCircle is the leading provider of information risk and security performance management solutions to more than 6,500 businesses and government agencies worldwide. nCircle solutions enable enterprises of all sizes to (1) automate compliance and reduce risk, and (2) measure and compare the performance of their IT security program with their own goals and industry peers. nCircle solutions may be deployed on a customer’s premises, as a cloud-based service, or in combination, for maximum flexibility and value.

nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. To learn how you can more effectively protect your company visit us at http://www.ncircle.com.

nCircle is a registered trademark of nCircle Network Security, Inc. All other registered or unregistered trademarks are the sole property of their respective owners.