Software

Overview

The Xylok Scanner is a one-stop solution for every DISA STIG or other benchmark your organization needs to complete without requiring the Xylok Scanner to be attached or installed onto the network being checked.

Screenshots and more features can also be found on our Features page.

Every Benchmark Integrated

We check every benchmark needed--we don't focus exclusively on one or two operating systems. When an organization purchases a Xylok Scanner license, we deliver an integrated solution for all their benchmarks, including basic OSes, software on those systems, and network devices. For checks that can't be truly automated--such as "ask the administrator" types of questions--Xylok provides a central location to store all of that information.

Historical Tracking

Track compliance status changes across your network throughout time and between machines.

Human-Readable Scripts

To accomplish our no-network promise, the Xylok Scanner produces a machine-specific script for every device in your network. For Windows, this means a Batch or Powershell script. For Linux, this means BASH or other appropriate shell for the operating system. For network devices, we present a list of commands for the system administrator to run.

For you, this means everything occuring on your system can be examined by hand if needed--there's no unknown executables being introduced that you need to blindly trust.

RMF-Based Reporting

Once your data is in Xylok, our deep RMF intregration means we can produce a wide variety of reports that tie directly to your organization's RMF Confidentiality, Integrity, and Availability levels and overlays.

Competition Comparison

How do we stack up? Also be sure to check out our full Features page for screenshots and more detailed descriptions.

Deployment Options		Xylok Scanner	SCC	Nessus Professional	ACAS
Multiple Users	Multiple users can collect data, analyze, and report on the same instance			Paid Upgrade	Paid Upgrade
No install required	Can the software be used without installing and changing the baseline?
Benchmarks		Xylok Scanner	SCC	Nessus Professional	ACAS
Automatic Benchmark/STIG Updates	System automatically pulls new benchmarks and STIGs as available
Built-In Benchmark/STIG Viewer	Ability to see check requirements alongside results		Separate Download
DISA STIGs	DISA Security Technical Implementation Guide Benchmarks
CIS Benchmarks	Center for Internet Security Benchmarks
Custom Benchmarks	Ability to create a unique benchmark for custom devices or applications
Execution		Xylok Scanner	SCC	Nessus Professional	ACAS
Scan Risk	A "noisy" scan may destabilize your systems	Low	Low	High	High
Scan Scheduling	Schedule scans to occur at certain days and times
Analysis		Xylok Scanner	SCC	Nessus Professional	ACAS
Automatic Analysis	Tool automatically determines if your configuration does not match the benchmark		¹	¹	¹
Access to Raw Results	Look at the output as if you are still on the computer
Post-Process Results	Write scripts to display only the data you need to see	Python
Scan Tracking	Compare scans over time and see what has changed
Consolidated Results	All of your system machines and benchmarks in one location			Paid Upgrade	Paid Upgrade
Analyze Once/Mark Many	Anaylze one machine and benchmark and the database will apply the same status to similar items
Reporting		Xylok Scanner	SCC	Nessus Professional	ACAS
Multiple Report Formats	Output reports in XML, HTML, or CSV format
Checklist (CKL) export	Export data into the STIG Viewer CKL file for sharing with other tools
Security Assessment Report	Export directly into a Security Assessment Report (SAR) format used by A2/3/6
Plan of Action and Milestones	Export directly into a Plan of Action and Milestones (POA&M)
eMASS Export	Export resorts into a format ready to immediately import into eMASS
RMF Integration	Create scans and reports based off the CIA level of the system (overlays included)

1. Auto Analysis gives only a binary 'yes/no' with no view into XCCDF-recommended output