Vendor: ZeroNorth
Price: $50,000 for an annual subscription
Contact: zeronorth.io

Quick Read

Strengths:
We find its well-designed user interface intuitive to use and navigate with its multiple dashboards that provide various views of vulnerabilities. The entire platform offers unrivaled, expansive flexibility.
Weakness:
None that we found.
Verdict:
Overall, the ZeroNorth Platform offers a significant return on investment by optimizing other security tool investments, expanding the scanning portfolio, and maximizing time-to-value. Businesses large and small, particularly those interested in PCI compliance, will appreciate ZeroNorth’s scalability, as well as its actionable, prioritized integration with DevOps environments.

Rating Breakdown

SC Labs Reviews

Reviews from our expert team

Features:
Rating: %s
Documentation:
Rating: %s
Value for Money:
Rating: %s
Performance:
Rating: %s
Support:
Rating: %s
Ease of Use:
Rating: %s
Rating: 4.75/5 4.75/5

Summary

The ZeroNorth Platform is a multi-tenant SaaS solution that manages risk and vulnerability throughout the entire lifecycle, using centralized management of scanners to detect vulnerabilities across applications and prioritize them according to business risk. ZeroNorth created this platform to provide IT leaders with the innovative vulnerability management and analytics necessary to accelerate security, deliver continuous risk visibility and empower secure digital transformation.

We find its well-designed user interface intuitive to use and navigate with its multiple dashboards that provide various views of vulnerabilities. The enterprise dashboard’s landing page, for example, provides a valuable overview of vulnerability information and data points. Users can click on any of these features to gain more information about them quickly. ZeroNorth specializes in discovering the configuration management database (CMDB) behind several credential types to reflect all known data points about an organization’s assets, targets and application code.

The enterprise dashboard has a particularly helpful view that shows the development of issues over time so that organizations can see when and where their teams made security improvements. At present, the platform does not issue standard reports, but it does leverage dashboards, filters and advanced queries.

Security teams often must triage a vast number of vulnerabilities for each scan that inhibit development and compel engineers to turn their attention away from their tasks and toward individual security defects. To avoid such disruptions, ZeroNorth links issues together to reduce alert fatigue and facilitate the remediation process. A graph of linked issues reveals lines drawn from static issues to dynamic issues to cover and track vulnerabilities throughout the entire software development lifecycle. We found this graphic useful and easy to interpret. It even offers notification configurations.

Overall, the ZeroNorth Platform offers a significant return on investment by optimizing other security tool investments and expanding the scanning portfolio. Several customized integrations support its seamless operability with other products and APIs. This cloud-based platform maximizes time-to-value and requires virtually no setup, adding to its ease of use and accelerated remediation. ZeroNorth establishes a governance model that parallels the DevOps pipeline and automates and orchestrates the entire vulnerability management process.

Pricing starts at $50,000 for an annual subscription and includes 10/5 phone, email and website support. Creating tickets is both quick and easy. Organizations also have access to a step-based knowledge base with several articles.

Tested by Tom Weil