admin / Synapse-NetscanXi
publicNetwork Scanning, Vulnerability and Compliance Application
Synapse-NetscanXi / NetscanXiVersion13 / docs / sales-sheet.html
16295 B · main
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 | <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>NetscanXi Version 13 - Sales Sheet</title> <style> @page { size: A4; margin: 12mm 13mm 11mm 13mm; } * { box-sizing: border-box; } html { -webkit-print-color-adjust: exact; print-color-adjust: exact; } body { font-family: "Segoe UI", -apple-system, Roboto, Helvetica, Arial, sans-serif; color: #1c2430; font-size: 9pt; line-height: 1.32; margin: 0; } h1, h2, h3 { color: #0f2a47; font-weight: 700; } /* Header band */ .hdr { background: #0f2a47; color: #fff; border-radius: 9px; padding: 14px 18px; display: flex; align-items: center; justify-content: space-between; } .hdr .left { display: flex; align-items: center; gap: 12px; } .hdr .logo { font-size: 30pt; line-height: 1; } .hdr h1 { color: #fff; font-size: 25pt; margin: 0; letter-spacing: -1px; } .hdr h1 .x { color: #2fd06a; } .hdr .sub { color: #b9c7d8; font-size: 9pt; margin-top: 2px; } .hdr .ver { display: inline-block; background: #1f9d3a; color: #fff; font-weight: 700; padding: 3px 13px; border-radius: 20px; font-size: 10pt; white-space: nowrap; } .tagline { font-size: 11.5pt; color: #14507a; font-weight: 700; margin: 12px 0 2px; } .lead { font-size: 9.2pt; color: #34404e; margin: 0 0 8px; } h2.sec { font-size: 11pt; margin: 12px 0 6px; padding-bottom: 3px; border-bottom: 2px solid #2496ed; } /* Two-column layout */ .cols { display: flex; gap: 14px; } .col { flex: 1; } /* Value cards */ .vcard { border: 1px solid #cfe0f0; border-left: 4px solid #2496ed; background: #f4f7fa; border-radius: 6px; padding: 7px 10px; margin-bottom: 7px; } .vcard b { color: #0f2a47; font-size: 9.4pt; } .vcard span { display: block; color: #45525f; font-size: 8.6pt; margin-top: 1px; } .vcard.green { border-left-color: #1f9d3a; } .vcard.purple { border-left-color: #7b46d1; } .vcard.amber { border-left-color: #9a6700; } ul { margin: 4px 0 4px 0; padding-left: 16px; } li { margin: 2px 0; } /* Badges */ .badges { margin: 4px 0 2px; } .badge { display: inline-block; background: #eef3f8; border: 1px solid #cfe0f0; color: #14507a; border-radius: 12px; padding: 2px 9px; font-size: 8pt; margin: 2px 3px 2px 0; font-weight: 600; } /* Framework pills */ .fw { display: inline-block; background: #0f2a47; color: #fff; border-radius: 5px; padding: 2px 8px; font-size: 8.4pt; font-weight: 600; margin: 2px 3px 2px 0; } .fw.green { background: #1f9d3a; } /* Audience table */ table { width: 100%; border-collapse: collapse; margin: 4px 0; font-size: 8.4pt; } th, td { text-align: left; padding: 5px 8px; border: 1px solid #d4dae0; vertical-align: top; } th { background: #0f2a47; color: #fff; font-weight: 600; } tr:nth-child(even) td { background: #f4f7fa; } /* Callout */ .tip { background: #eafaf0; border-left: 4px solid #1f9d3a; border-radius: 6px; padding: 7px 11px; margin: 8px 0; font-size: 8.8pt; } .tip b { color: #0f2a47; } /* CTA footer */ .cta { background: #0f2a47; color: #fff; border-radius: 9px; padding: 11px 16px; margin-top: 11px; display: flex; align-items: center; justify-content: space-between; } .cta .big { font-size: 11.5pt; font-weight: 700; } .cta .big .x { color: #2fd06a; } .cta .det { font-size: 8.6pt; color: #cdd8e6; margin-top: 2px; } .cta .pill { display: inline-block; background: #1f9d3a; color: #fff; padding: 5px 14px; border-radius: 20px; font-weight: 700; font-size: 9.5pt; } .foot { text-align: center; color: #8b97a5; font-size: 7.8pt; margin-top: 7px; } </style> </head> <body> <!-- HEADER --> <div class="hdr"> <div class="left"> <div class="logo">🛰️</div> <div> <h1><span class="x">N</span>etscanXi</h1> <div class="sub">Self-hosted network discovery, vulnerability & compliance intelligence</div> </div> </div> <div class="ver">Version 13</div> </div> <div class="tagline">Turn one network scan into a board-ready compliance posture.</div> <p class="lead">NetscanXi maps every device, service, container and vulnerability on your network — then cross-references each finding against <b>eight regulatory frameworks</b>. Self-hosted, multi-tenant, and deployed with a single <code>docker compose up</code>. Your data never leaves your infrastructure.</p> <div class="tip"><b>New in Version 13:</b> 🔧 <b>Patch and Remedy</b> — apply <b>operating-system updates & upgrades</b> (apt / dnf / yum / zypper / apk, auto-detected) over SSH to a single asset, an asset group, or every asset — or update Docker images. NetscanXi now <b>acts</b> on what it finds, <b>auto-creates and updates a remediation record</b> for every run, and uses <b>per-run credentials that are never stored</b>. Don't just find the risk — fix it.</div> <!-- FRAMEWORKS STRIP --> <span class="fw green">NCSC CAF</span><span class="fw green">NIST CSF</span><span class="fw">PCI DSS</span><span class="fw">GDPR</span><span class="fw">ISO 27001</span><span class="fw">SOC 2</span><span class="fw">HIPAA</span><span class="fw">Cyber Essentials</span> <!-- TWO COLUMNS --> <div class="cols"> <!-- LEFT --> <div class="col"> <h2 class="sec">Why NetscanXi</h2> <div class="vcard green"> <b>Compliance, not just a scan</b> <span>Every finding maps to named controls across 8 frameworks — the only affordable self-hosted tool with native <b>NCSC CAF</b> mapping.</span> </div> <div class="vcard purple"> <b>Built for MSPs & multi-team</b> <span>True multi-tenancy: one install, many isolated client tenants with scoped data. White-label-friendly recurring revenue.</span> </div> <div class="vcard"> <b>Your data stays yours</b> <span>100% self-hosted on Debian. No cloud, no per-asset metering, no data egress — ideal for public sector & CNI.</span> </div> <div class="vcard amber"> <b>Evidence on demand</b> <span>Branded executive & per-host PDF reports for audits, ticketing and system owners — generated from a single scan.</span> </div> <h2 class="sec">Capabilities</h2> <ul> <li><b>Asset discovery</b> — live hosts, OS, services & software inventory</li> <li><b>Vulnerability scanning</b> with CVE enrichment & CISA KEV tagging</li> <li><b>Risk scoring</b> + tailored, official mitigation guidance</li> <li><b>🔧 Patch and Remedy (v13)</b> — OS updates/upgrades over SSH (+ Docker images) per asset / group / all, auto-tracked, with credentials never stored</li> <li><b>🐳 Deep Docker scanning (v10r1)</b> — container & image inventory, image CVE scanning (Trivy/Grype), CIS Docker audit</li> <li><b>AD / DC & TLS certificate</b> auditing and expiry tracking</li> <li><b>Change detection</b> & alerting between scans</li> <li><b>📡 Passive (zero-probe) discovery</b> for sensitive / OT segments <b>(v9)</b></li> <li><b>🆔 Unique asset IDs bound to MAC</b> — de-duplicated vuln tracking <b>(v9)</b></li> <li><b>🗓️ Day & time scheduling</b> + editable asset type <b>(v9)</b></li> <li><b>Accounts · Roles · TOTP MFA · Activity audit log</b></li> </ul> </div> <!-- RIGHT --> <div class="col"> <h2 class="sec">Who it's for</h2> <table> <tr><th>Buyer</th><th>The win</th></tr> <tr><td><b>MSPs / MSSPs</b></td> <td>One install, many tenants. Resell continuous scanning & compliance as a managed service.</td></tr> <tr><td><b>UK public sector & OES</b></td> <td>NCSC CAF posture from a scan. Fully self-hosted — data never leaves the network.</td></tr> <tr><td><b>Enterprise security</b></td> <td>NIST CSF + PCI / ISO / SOC 2 / HIPAA mapping without a per-asset cloud bill.</td></tr> <tr><td><b>SMB & IT teams</b></td> <td>Enterprise-grade visibility from <code>docker compose up</code> — no heavy tooling.</td></tr> </table> <h2 class="sec">How it compares</h2> <table> <tr><th> </th><th>NetscanXi</th><th>Typical scanner</th></tr> <tr><td><b>Self-hosted</b></td><td>✓ Yes</td><td>Often cloud</td></tr> <tr><td><b>Multi-tenant</b></td><td>✓ Built-in</td><td>Add-on / no</td></tr> <tr><td><b>8-framework mapping</b></td><td>✓ Incl. CAF</td><td>Rare</td></tr> <tr><td><b>Passive (zero-probe) mode</b></td><td>✓ Built-in</td><td>Rare</td></tr> <tr><td><b>Deep container scanning</b></td><td>✓ Built-in</td><td>Add-on / no</td></tr> <tr><td><b>Per-asset fees</b></td><td>✗ None</td><td>Common</td></tr> <tr><td><b>Deploy time</b></td><td>Minutes</td><td>Hours+</td></tr> </table> <h2 class="sec">Deploy in minutes</h2> <div class="tip"><b>One command:</b> <code>docker compose up</code> on Debian. Then point it at your network and export your first branded compliance report the same day.</div> <div class="badges"> <span class="badge">Flask + nmap</span> <span class="badge">Single-container</span> <span class="badge">No cloud dependency</span> <span class="badge">Free community tier</span> <span class="badge">Pro & MSP licensing</span> </div> </div> </div> <!-- NEW IN VERSION 13 --> <h2 class="sec">🔧 New in Version 13 — Patching & Remediation</h2> <div class="cols"> <div class="col"> <div class="vcard green"><b>🖥️ OS updates & upgrades over SSH</b><span>The <b>Patch and Remedy</b> tab auto-detects the package manager (apt / dnf / yum / zypper / apk) and applies updates — with optional full distribution upgrade and a simulate (no-change) mode.</span></div> <div class="vcard"><b>🐳 Docker image updates</b><span>Or update Docker images: pulls the latest image for every running container over the same authenticated Engine API used for scanning, with an optional experimental recreate.</span></div> <div class="vcard amber"><b>🔒 Credentials never stored</b><span>SSH/sudo and registry credentials are entered per run, used once, then discarded — never written to the database, never logged, never returned.</span></div> </div> <div class="col"> <div class="vcard purple"><b>🧾 Auto-tracked remediation</b><span>Every patch run creates a remediation item per asset and updates it to <b>resolved</b> or <b>blocked</b> — one source of truth for what was fixed, by whom.</span></div> <div class="vcard green"><b>👁️ Dry-run preview</b><span>Preview the targeted assets and detected OS (or images) with zero side effects — OS preview doesn't even contact SSH — before you commit.</span></div> <div class="vcard"><b>🛡️ Role-gated & tenant-safe</b><span>Patching requires the operator role; scoped users can only ever target their own tenant's assets.</span></div> </div> </div> <!-- NEW IN VERSION 10r1 --> <h2 class="sec">🐳 New in Version 10r1 — Deep Docker Container Scanning</h2> <div class="cols"> <div class="col"> <div class="vcard green"><b>📦 Authenticated container & image inventory</b><span>Agentless Docker Engine API inventory — containers, images, ports, privileged flags, docker.sock mounts and engine posture.</span></div> <div class="vcard"><b>🔎 Image vulnerability scanning</b><span>Per-image CVE scanning via <b>Trivy</b>/<b>Grype</b>, enriched with <b>CISA KEV</b> so exploited container CVEs rank first.</span></div> <div class="vcard amber"><b>🛡️ CIS Docker benchmark audit</b><span>Exposed API, no-TLS daemon, privileged containers, socket mounts, host net/PID, insecure registries — pass/warn/fail.</span></div> </div> <div class="col"> <div class="vcard purple"><b>📊 Docker dashboard & host views</b><span>A dedicated Docker dashboard panel plus deep per-host container detail — with every existing view kept.</span></div> <div class="vcard green"><b>🔄 Container drift detection</b><span>Flags new/removed containers, new-privileged or socket-mount changes, and new known-exploited image CVEs between scans.</span></div> <div class="vcard"><b>🧾 SBOM, registry & orchestration</b><span>SBOM-capable scanning, insecure-registry flags and Swarm / Kubernetes awareness.</span></div> </div> </div> <!-- NEW IN VERSION 9.1 --> <h2 class="sec">✨ New in Version 9.1</h2> <div class="cols"> <!-- LEFT --> <div class="col"> <div class="vcard"> <b>📊 Customisable interactive charts</b> <span>OS distribution, vulnerability severity, network risk & compliance and regulatory compliance now sit in equal-sized tiles — switch any chart between <b>pie</b>, <b>horizontal</b> or <b>vertical bars</b>, resize and rearrange the tiles, then click a slice to filter the asset table.</span> </div> <div class="vcard green"> <b>✅ Vulnerability lifecycle management</b> <span>Mark CVE findings <b>Remediated</b>, <b>Accepted Risk</b> or <b>False Positive</b> — cut the noise, track remediation and prove progress to auditors.</span> </div> <div class="vcard"> <b>☑️ Multi-select asset table</b> <span>Act on many assets at once: bulk export and bulk re-scan in a couple of clicks instead of one host at a time.</span> </div> <div class="vcard purple"> <b>👥 Tenant Admin role</b> <span>Delegate full administration inside a tenant for true multi-tenant operations — MSP/MSSP-friendly, with hard tenant isolation.</span> </div> <div class="vcard"> <b>🔍 Global search</b> <span>Find any asset, CVE or software across the whole estate instantly from the top bar.</span> </div> </div> <!-- RIGHT --> <div class="col"> <div class="vcard amber"> <b>🗄️ Configurable data retention</b> <span>Set retention policies right in the Admin UI — control database growth and meet data-governance requirements.</span> </div> <div class="vcard green"> <b>🩹 Patch-aware scanning</b> <span>Assess against installed patch levels, not just the distro version — dramatically more accurate results with far fewer false positives.</span> </div> <div class="vcard"> <b>📈 Historical trend graphs</b> <span>Track network risk score and compliance posture as a historical trend line — or switch the same tile to a pie or bar view — to show measurable improvement over time.</span> </div> <div class="vcard purple"> <b>🎟️ Native ITSM integrations</b> <span>Jira, ServiceNow and Zendesk — open remediation tickets for findings without ever leaving NetscanXi.</span> </div> <div class="vcard"> <b>🧩 Customisable dashboard</b> <span>Drag, drop, pin or hide components — and resize, reorder and re-style each chart tile — so every team sees exactly what matters to them. Layout persists per user.</span> </div> </div> </div> <!-- CTA --> <div class="cta"> <div> <div class="big"><span class="x">N</span>etscanXi Version 13 — see your network <i>and</i> your containers the way an auditor would.</div> <div class="det">Free community tier · Pro (per-install) · MSP licensing (per managed network). Self-hosted — your data, your infrastructure.</div> </div> <div class="pill">Book a demo</div> </div> <div class="foot">Self-hosted · Flask + nmap · Built for Debian | Findings are advisory and support — not a substitute for — formal assessment. | © 2026</div> </body> </html> |