NMAP for your cloud network, without sending a single packet

Organizations commonly use network mapping (NMAP) tools to understand the security posture of their network infrastructure and uncover vulnerabilities. Deploying these tools can be very expensive and are often ineffective—many modern network security platforms preemptively block them, because they view the test as a network attack.

To work around this, you have to coordinate such activities with the network security team so they can whitelist appropriate sources. This extra work means that building the network map of accessible end-points ends up being an infrequent activity—once every few months, or worse, once every year. Meanwhile, your infrastructure is constantly evolving in between these tests. How can you be sure you haven’t opened up a new vulnerability in between scans?

Continuous, unobtrusive network mapping

With Batfish Enterprise Virtual NMAP, you can pen test your network continuously, without sending a single packet. Batfish Enterprise converts your network configuration into network behavior models, which are updated on every configuration change. This way, you have the latest view of your network security at all times and can quickly remediate any changes as they come up, instead of waiting for the next network scan and risking that a security hole has opened up in the meantime.

Analyze and detect vulnerabilities proactively

Additionally, you can leverage Batfish Enterprise to evaluate changes you are thinking about making to the network. By getting this built-in analysis up front, you can easily identify and address vulnerabilities before they ever make it into your infrastructure.