Description: Differential port scanning and deltas
information security (644) nmap deltas (1) port scan deltas (1) differential port scans (1) differential nmap scans (1)
Netdelta ... Maintains scan history in a backend database and provides analytics. Provides a RESTful API for consumption of data around port scans and deltas - more info is available on request. A webhook is available for triggering a vulnerability scan in response to a delta being discovered. If there's an unexpected change, it could be the result of unauthorised activity: hacking, malware, unauthorised change, shadow IT, etc. Netdelta maintains a history of past scans and deltas and grades ( red , amber ,
With ndiff false positives are a problem: whenever a host or service times out, ndiff will flag what is probably a false positive. Host and service time-outs happen a lot, even on a gigabit LAN - this makes something like a scripted solution impractical.
Netdelta maintains a database of service and host availability, and makes a call on how likely a service time out is a false positive (red, amber, green - see the screen sample on the right). When Netdelta sees a change, it checks first on the scan history of that host, and makes a call on how likely what you're seeing is just a time-out. Netdelta will stay quiet unless its sure its seeing a genuine delta.