Scanigma offers a comprehensive solution that includes in-depth analysis, evaluation and reporting of security settings, specific recommendations, sample configurations and ongoing monitoring.
Scanigma performs an in-depth analysis of the configurations of application servers and other public IT services to identify infrastructure vulnerabilities and other weak points. One unique feature of our functional implementation is that we do not rely on any existing implementation of cryptographic protocols or third-party solutions. While the goal of these kinds of implementations is to build error-free encrypted connections, we instead seek to identify what options are possible given the specific configuration of the client or server. This process includes checking for unsupported protocol elements, cryptographic algorithms and functions implemented in ways other than the protocol description. This approach enables a significantly more efficient, faster and complete analysis.
We believe that every chain is only as strong as its weakest link. Which is why, to avoid a false sense of security, Scanigma classifies test results in a grading system that is far more stringent than market standards. This grading system takes into account both the importance of transparency and the achievement of the highest possible level of security. Vulnerabilities are prioritized with a risk-based approach so security teams can focus first on the issues that pose the greatest business risk and then, depending on their capabilities, further refine their systems by addressing lower-risk issues.
Once you have achieved a sufficient level of security, you need to work constantly to maintain it. As more and more vulnerabilities appear, what we considered safe yesterday is now obsolete. This is especially true for the configuration of various IT infrastructures. One of the biggest strengths of Scanigma lies in the fact that, in addition to occasional snapshot checks of the systems, it provides users with continuous support through simple and fast upgrades and ensuring the settings are always up-to-date.
Even for experts with the right skills in place, providing constant analysis and maintenance of security configurations is a time-consuming task. Scanigma offers a fully automated monitoring feature that applies continuous analysis so you can receive up-to-date reports in your inbox at set intervals and receive real-time alerts for pre-determined changes, new vulnerabilities and certificate expiration. This frees up the time spent by IT security professionals on generic issues, resulting in significant resource and cost savings, while also increasing the level of security.
Scanigma produces a highly detailed technical report on the results of its analyzes, listing not only the problems but also their rationale and recommendations for addressing them. In addition to technical analysis, it is able to produce concise, easy-to-understand, engaging management reports that not only enable the effective presentation of current risks and security levels to management, but also support the creation of compliance audits, earning you significant time savings.
Scanigma is a turnkey Software as a Service solution, and no agent installation is required to use it. Scanigma can generate complex analyzes and reports within minutes of being provided with the user interface settings.
By supporting a unique protocol to identify and control procedures, Scanigma can be used not only for web (HTTPS) and mail (IMAP, SMTP, POP3), but also for services providing access to servers (RDP, SSH, VNC) or even entire networks (IPsec, OpenVPN).
An easy-to-understand, engaging dashboard, prioritized by topic and risk, gives you a complete picture of the current security level and elements of each system that need improvement. The depth of information shown can be customized as needed.
In addition to identifying problematic parameters, Scanigma also provides detailed information about the cause of the error and offers a complete solution proposal using specific configuration patterns. The Scanigma Knowledge Base is one of the most comprehensive sources of public information about encryption settings.
After analyzing the type of encryption and other parameters, and examining the method of authentication and key exchange, Scanigma classifies applications on a scale of A+ to F, based on a much stricter set of criteria than the market standard.
Whether it’s NIST, PCI-DSS, or HIPAA compliance, Scanigma’s ongoing monitoring service and compliance reports ensure ongoing compliance with regulatory obligations and support for various audits.
Thanks to Scanigma's continuous monitoring service, it is able to send customizable alerts via email or SMS about any significant changes to encryption configurations and the appearance of new vulnerabilities, including in real time.
Scanigma can be easily integrated with existing monitoring, log management or SIEM solutions, helping to effectively prevent incidents, attacks and launch protection processes.
In addition to checking individually specified scan lists, Scanigma is able to use the meta information of each element to discover related publically accessible services or, in non-public systems, all services to be scanned across the entire network.