OVERT Product Demo


Presentation Description

No description available.


Presentation Transcript

Slide 1: 

On-demand Vulnerability Evaluation Reporting Tool

Slide 2: 

O.V.E.R.T (On-Demand Vulnerability Evaluation Reporting Tool) was designed to support security engineers and analysts with the cumbersome and timely task of aggregating and normalizing the raw data provided as output from most security assessment tools. A typical raw data output from an assessment of 10 workstations or servers can take up to a week for an individual to decipher manipulate and move into a more usable format; O.V.E.R.T takes less than 15 seconds. Overview

Slide 3: 

Standalone The standalone version of our tool was the first iteration to be built and is designed strictly as a parsing engine and report generation tool aimed to save time and resources. The standalone product is available in a mini laptop form factor for convenience and portability. Web Appliance Version 1.0 takes the functionality of the standalone tool and centralizes the capability for multi user access. In addition, version 1.0 includes: User access control through Active Directory integration and application Roles Based Access Controls (RBAC). Parsing of: DISA Gold Disk DISA SRR AppDetective Retina The ability to create projects and upload scan result files for parsing The ability to view the results of parsing on screen The ability to export the results to other storage media Full Auditing of user and application functions Product Offering

Slide 4: 

Why you Need O.V.E.R.T The Objective. To turn raw security scan result data into actionable information To do it “Quickly” The Benefits. Reduces time of copy and paste and reduces errors during transfer Gives you a competitive advantage

Slide 5: 

Web Appliance

Slide 6: 

Logging In Login Banner DoD and Federal customers are required to display a login banner to all users prior to granting access. We can remove or customize the banner at our customers’ request

Slide 7: 

AD Integration Account Options O.V.E.R.T integrates with Active Directory for ease of account management. The option is available to allow accounts to be created within the application if desired.

Slide 8: 

Admin View Admin Access Allows user to create, modify projects, upload, parse, and export result files, create users, and assign users to projects Regular User Access Allows user to view projects assigned by an admin, upload, parse, and export results files.

Slide 9: 

Creating a Project

Slide 10: 

Upload Findings

Slide 11: 

Upload Findings Multi-File Upload O.V.E.R.T provides the ability for users to upload multiple files at once for simultaneous parsing of multiple files from multiple tools

Slide 12: 


Slide 13: 

Findings Detail

Slide 14: 

Audit by Project

Slide 15: 

Add user to Project

Slide 16: 

Add user to Project

Slide 17: 

Export results Filtered Output O.V.E.R.T provides the capability to filter the results of your output to include “Not Reviewed (NR), Open (O) and Not a Finding (NF). Our customers have the option to include all in the report if so desired.

Slide 18: 

Standard Results File Customized Report Excentium Understands that not all customers use the same format. We can customize the report template to your specific needs Future Output Formats Excentium will provide the ability to export results to Microsoft Word and Adobe Acrobat PDF formats in the next release. Tabbed Results Need to review results from a specific tool? Just click on the appropriate tab. Failed Results Tab Provides detail of all discrepancies between the input file and the database.

Slide 19: 

Full Auditing of Events

Slide 20: 

Specific Event Details

Slide 21: 

Create Users

Slide 22: 

AD or Non-AD Users

Slide 23: 

Assign Privileges

Slide 24: 

Future Enhancements Additional scanning tool compatibility: Nessus NMAP Compatibility with IE 8 and Firefox Manual Checklist Integration (STIGs/Control Docs) Manual Report Manipulation with Auditing Provides the ability for a user to add information to a report and modify its status by justification. Additional report formats .Doc .PDF OVERT Automated Update Service Efficient method for updating backend database when modifications are made to vulnerability assessment tools. Delete/Archive Projects Capability Asset Management Module Ability to store inventory of IT assets for the purposes of mapping vulnerabilities to specific assets and providing before/after remediation and trending information Excentium is always open to customer suggested future capabilities and enhancements

authorStream Live Help