The Xylok Scanner is a one-stop solution for every DISA STIG or other benchmark your organization needs to complete without requiring the Xylok Scanner to be attached or installed onto the network being checked.

Screenshots and more features can also be found on our Features page.

Every Benchmark Integrated

We check every benchmark needed--we don't focus exclusively on one or two operating systems. When an organization purchases a Xylok Scanner license, we deliver an integrated solution for all their benchmarks, including basic OSes, software on those systems, and network devices. For checks that can't be truly automated--such as "ask the administrator" types of questions--Xylok provides a central location to store all of that information.

Historical Tracking

Track compliance status changes across your network throughout time and between machines.

Human-Readable Scripts

To accomplish our no-network promise, the Xylok Scanner produces a machine-specific script for every device in your network. For Windows, this means a Batch or Powershell script. For Linux, this means BASH or other appropriate shell for the operating system. For network devices, we present a list of commands for the system administrator to run.

For you, this means everything occuring on your system can be examined by hand if needed--there's no unknown executables being introduced that you need to blindly trust.

RMF-Based Reporting

Once your data is in Xylok, our deep RMF intregration means we can produce a wide variety of reports that tie directly to your organization's RMF Confidentiality, Integrity, and Availability levels and overlays.

Competition Comparison

How do we stack up? Also be sure to check out our full Features page for screenshots and more detailed descriptions.

Deployment Options Xylok Scanner SCC Nessus Professional ACAS
Multiple Users Multiple users can collect data, analyze, and report on the same instance
Paid Upgrade
Paid Upgrade
No install required Can the software be used without installing and changing the baseline?
Benchmarks Xylok Scanner SCC Nessus Professional ACAS
Automatic Benchmark/STIG Updates System automatically pulls new benchmarks and STIGs as available
Built-In Benchmark/STIG Viewer Ability to see check requirements alongside results
Separate Download
DISA STIGs DISA Security Technical Implementation Guide Benchmarks
CIS Benchmarks Center for Internet Security Benchmarks
Custom Benchmarks Ability to create a unique benchmark for custom devices or applications
Execution Xylok Scanner SCC Nessus Professional ACAS
Scan Risk A "noisy" scan may destabilize your systems
Scan Scheduling Schedule scans to occur at certain days and times
Analysis Xylok Scanner SCC Nessus Professional ACAS
Automatic Analysis Tool automatically determines if your configuration does not match the benchmark 1 1 1
Access to Raw Results Look at the output as if you are still on the computer
Post-Process Results Write scripts to display only the data you need to see
Scan Tracking Compare scans over time and see what has changed
Consolidated Results All of your system machines and benchmarks in one location
Paid Upgrade
Paid Upgrade
Analyze Once/Mark Many Anaylze one machine and benchmark and the database will apply the same status to similar items
Reporting Xylok Scanner SCC Nessus Professional ACAS
Multiple Report Formats Output reports in XML, HTML, or CSV format
Checklist (CKL) export Export data into the STIG Viewer CKL file for sharing with other tools
Security Assessment Report Export directly into a Security Assessment Report (SAR) format used by A2/3/6
Plan of Action and Milestones Export directly into a Plan of Action and Milestones (POA&M)
eMASS Export Export resorts into a format ready to immediately import into eMASS
RMF Integration Create scans and reports based off the CIA level of the system (overlays included)

1. Auto Analysis gives only a binary 'yes/no' with no view into XCCDF-recommended output