Harmony Purple is a next-generation vulnerability management tool as well as the world’s first Automated pen testing solution, that continuously showcases validated, global, multi-vector, Attack Path Scenarios ™ (APS), so you can focus your time and resources on those vulnerabilities that threaten your critical assets and business processes. Harmony Purple has one core engine: Harmony Purple Pro, plus two additional management consoles. One for Enterprises and one for MSSPs.
"There are three types of penetration tests: black-box, white-box, and grey-box.
In a black-box assessment, the client provides no information prior to the start of testing.
In a white-box assessment, the entity may provide the penetration tester with full and complete details of the network and applications.
For grey-box assessments, the entity may provide partial details of the target systems.
PCI DSS penetration tests are typically performed as either white-box or grey-box assessments.
These types of assessments yield more accurate results and provide a more comprehensive test of the security posture of the environment than a pure black-box assessment."
Quote from PCI Security Standards Council https://www.pcisecuritystandards.org/
Harmony Purple is a white box solution that is actually more grey box than white box.
It can do a very thorough scan with minimum credentials, no network map or the entities identifications needed.
It is the best of both worlds.
Perform continuous scans all year round, valid for both vulnerability management and penetration testing to stay on top of your network’s security 24/7. See live map and get real-time alerts on current threats to your business processes
Cybot can be deployed globally and showcase global Attack Path Scenarios ™ so you can see how a hacker can hop from a workstation in the UK to a router in Germany to a database in the US. This capability is unique both for penetration testing as well as for vulnerability management. The various CyBot Pros will be managed by a single Enterprise dashboard.
Harmony brings context to each asset it scans, checking how it could affect a business process. In this way, you can funnel all your vulnerabilities and first focus on those that are exploitable and that are a part of an attack path to a critical asset or business process. This greatly reduces the resources needed for patching and ensures business continuity.
Harmony Enterprise manages several Harmony Pro;'s. This is great for larger organizations with global networks who wish to gain insights on global Attack Path Scenarios ™ between their branches, each using a different Harmony machine. Harmony Enterprise will aggregate information from all Harmony Pro's for in-depth global insights on cyber threats to your business processes.