Real-Time Project Management
Access to all aspects of the audit process
The dashboard facilitates real-time access to audit data including the scope of work, tasks & milestones, project status, vulnerabilities, fix statuses, reports, compliance reports, application & network map and much more.
Schedule projects on-demand
It allows you to schedule projects including recurring audits on-demand. You can specify details such as time window, credentials, documentation to the audit team as part of the workflow.
Setup custom notifications & alerts
You can set up custom alerts and notifications for each person involved in the project based on role, risk or scope. For example:
- Daily high-risk issues alerted to the team lead via SMS and E-mail
- Weekly summary of pending issues for the corporate site to CIO
- And so on and so forth …
Patch Tracking & Issue Closure
Ensure that all issues are confirmed fixed
The dashboard allows you to mark issues as Fixed, Accepted Risk or Deferred. The issue remains as an open issue until the fix is marked as a “Confirmed Fix” by the audit team. This ensures complete fix assurance on the closure of issues.
Track recurring issues over time
With the help of recurrence tracking, we raise additional alerts in the case a previously closed issue has been identified again. This ensures that root-cause analysis can be conducted to ensure that the issue remains closed in the long-run.
Track patch status in real-time
The patch tracker provides a real-time view of the audit progress and lets you see status updates in real-time as auditors make changes in Lemon.
Big Picture View of Pending Risks
Get a big picture view of the entire organization with a focus on pending risks. Drill down to any particular project, domain, time-period etc.
Generate a Compliance Report
Get a compliance report with specific issues, content and format as required by various compliance standards such as PCI DSS, ISO 27001, OWASP Top 10, SBI, CERT-In.
Annual Security Reports
Get an annual security report for the organization analyzing all the activities conducted over the year with a focus on root-cause analysis, recurring trends and patterns.
Download Management Presentations
Get a management presentation with a high-level overview of each audit conducted focusing on high risks, business impact, action items and analysis of audit data.
Automatically verify the effectiveness of fixes
At the click of a button, your developers can verify the effectiveness of a fix and minimize the endless loop between developers and security teams.
On-demand Manual Re-Testing
Once all issues have been marked as fixed, your team can go ahead and schedule a manual re-testing to verify that issues are confirmed fix and no other derivative issues have been created during the closure.
In-Built Training & Knowledge Sharing
Recommendations with code & config examples
Our recommendations come with code and config examples for your specific development languages, platforms environments. This allows a quick TAT for your developers to fix and close issues.
Comprehensive Security Knowledge Base
Developers have access to our comprehensive Knowledgebase with detailed instructions and code/config examples on how to fix issues. This ensures that developers are not just closing issues but learning to eliminate them in the long-run.
Select or modify your report templates
You can select from a variety of different report templates or even go ahead and create your own customized version of the template with your own internal branding, layout and required information.
WAF / IPS Integration
Immediately mitigate risks with WAF & IPS integration
With a focus on the closure of issues, one of the key and industry-leading features we have included is WAF / IPS Integration in real-time. This allows the Dashboard to push alert or block rules into the WAF and IPS for new issues that have been detected during the audit. This allows you to immediately mitigate the risk posed by the issues until a long-term solution can be put into place.
Bug Tracker Integration
Two-Way Bug Tracker Integration
Two-way bug tracker integration allows your developers to seamlessly work with the dashboard with new issues automatically pushed into the bug tracker and assigned to relevant people. Patch statuses are synchronized between the two and workflow is created to close and re-test issues seamlessly.
Consolidated & customizable views to analyze data
Analyze audit data across audits and projects and look at current pending-risks across all audits that have been conducted.
Analyze patterns and trends of issues identified across audits and time-periods to better understand root causes, improvements and growth.
Extensive APIs for Integration
We allow extensive APIs into the dashboard to allow for custom integration points with your internal applications, processes. This includes monitoring tools, deployment scripts, internal reporting engines, SDLC management applications, internal dashboard, bug trackers, etc.
Work With Us
Security Brigade a CERT-In empanelled founded on the core belief that “Great audits are done by great auditors – not expensive tools”. Our proprietary E.D.I.T.E platform provides a workflow based testing engine that encapsulates the complete audit process. It allows expert auditors to focus on in-depth manual testing while assisted by a combination of proprietary, open-source and commercial technology.