Q: 1.
This is listed as an alternative to 1Password (which is awesome) and LastPass (which is abysmal), but yet I see no details about password management features anywhere. What's going on? Your site lists password management only under the Foundation plan, not the Fundamentals plan, so is the claim that this can replace 1Password a false claim?
2. How does the patching work? Surely you're not logging into our servers or laptops, so is there some app or background process that forces updates? Or is it a matter of notifying us when patches are needed? Does this work like Snyk? Or what?
3. The Vendor Risk Register sounds really useful. Can you post screenshots of the UI?—there's extremely little information on your web site.
4. What vulnerability scanner(s) do you use? Does it need to be installed on the machine it is scanning? Or does it scan from the outside? If it must be installed, what OSes can it run on?
5. What is meant by "1 scan for up to 5 targets"? Do you mean we can list 5 servers and scan them all at the same time, and that counts as 1 scan? And we can do that only once per month? Or does it mean we get 5 total scans per month? Or does it mean that our 5 scans can never run on any more than 5 specific devices, and once those 5 devices are scanned there are no others that can be scanned, even in a subsequent month?
Henry_HavocShield
May 15, 2024A: Hey iconclast,
Happy to answer these questions for you!
1. When finding options to compare oursleves to, we were not able to find many great options. I stuck with password managers as our comparission since we do offer one as part of our Foundations program which is accesable for 50% of to all appsumo purchases.
2. Patching is done through a patching agent. Our agent will install patches and updates locally automatically based on a schedule we set for you as part of your configuration. Normally these updates happen early in the moring as to not disrupt your day to day.
3. You can sign up for a free trial on our website to create an account get instant accesss to all of these tools includeing the cendor risk register.
4. The vulnerability scanner scans your owned domains and IP addresses. There is no local installation needed, all we need is the exact domain or IP address of the location you would like to scan. Please not that you must own the domain in order for the scanning to begin.
5. On a monthly basis you can scan 5 targets. You can change the cadence to be more than a month, however you cannot exceed 5 total targets (or whatever your plan outlines). The credits do not carry over month to month.
Please let me know if you have additional questions!