The company claims that Nmap Scan Analysis will provide an easy-to-use visualization of Nmap scan data. Credit: ddukang / Getty Images Nmap is a popular and versatile tool for port scanning, network discovery, and security auditing, but its scan results can be complex to interpret. Vulnerability remediation platform maker Vicarius wants to change that. It began offering Wednesday a free tool—Nmap Scan Analysis—that security professionals, IT administrators and pentesters can use to get a comprehensive visualization of Nmap scan data.Nmap users can use the tool to import an XML file of their scan results into the company’s TOPIA dashboard, where the data is analyzed and subsequently displayed in a clear and visually coherent way that includes open ports, services, operating systems, and detected CVEs.“Our tool makes Nmap easier to work with,” Vicarius CEO Michael Assraf says in an interview. “It offers a visual alternative to an XML report or terminal output, which a lot of people have a hard time working with. Cybersecurity shouldn’t be so complex,” he adds. “It should be easy. It should be accessible. You shouldn’t need years of experience in pentesting and vulnerability assessment in order to figure out where you’re vulnerable.” VicariusNmap scan initiated from terminal with output before TOPIA analysis VicariusNmap scan initiated from terminal with output after TOPIA analysisInflux of new vulnerabilities Nmap Scan Analysis can help security professionals identify high-risk assets and understand where they are vulnerable. Devices that are typically not covered with traditional agent-based vulnerability assessment tools, such as printers and routers, can be key entry points for malicious actors. The tool illuminates those problem areas so system administrators can respond quickly. “With the constant influx of new vulnerabilities, it’s almost impossible to stay on top of our assessments and understand where we are vulnerable,” Charles Camello, head of infrastructure and cybersecurity at Soprano, a mobile messaging software company, said in a statement. Nmap Scan Analysis “augments our capability to identify vulnerabilities in internal and unmanaged assets. Before, we didn’t have this type of intelligence, insight, and analysis. This tool has significantly improved our security posture.”Assets on decentralized networks and work-from-home officesNmap Scan Analysis can also help network administrators simplify the newfound complexities of managing decentralized assets, remote environments, and IoT devices. “Decentralized networks and working-from-home have made it more difficult to gain a thorough understanding of the assets in a network,” Alejandro Zamarripa Treviño, an information security analyst with Farmacias Benavides, a Mexican drugstore chain, said in a statement. “With the rich Nmap visualization provided by Vicarius, we have eliminated the lack of coverage and feel more confident that we have our entire network under control.” The Vicarius tool also allows users to see the details of what has changed in their network from scan-to-scan. It stores all historical scans so security teams can reliably find, analyze, and resolve asset discrepancies in their network.Nmap scripts on GitHubVicarius is also making its Nmap scripts publicly available on its GitHub repository. Its engineers will push code updates and new features directly to the open-source project, so new enhancements will be available on a continual basis. With this community contribution, Nmap users can expect to receive better precision, dynamically updated CVE content, and daily CVE updates.“The results a customer will get—even if they are not running our scripts—will be more updated because they will have the most up to date CVE files,” says Assraf. “The Nmap community is good, and it’s nice that people are contributing, but with a commercial company contributing, things become much more professional.” Related content news CISA, FBI urge developers to patch path traversal bugs before shipping The advisory highlights how developers can follow best practices to fix these vulnerabilities during production. By Shweta Sharma May 03, 2024 3 mins Vulnerabilities news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO feature Malware explained: How to prevent, detect and recover from it What are the types of malware? How does malware spread? How do you know if you’re infected? We've got answers. By Josh Fruhlinger May 03, 2024 18 mins Ransomware Phishing Malware brandpost Sponsored by Cyber NewsWire LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience By Cyber NewsWire May 02, 2024 4 mins Cyberattacks Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe