Gauntlet Platform Overview

The missing piece of your application security program

What Gauntlet Can Do For You


Gauntlet is built from the ground up to improve your application security program. If you're looking to protect your applications, the powerful Gauntlet platform can help. Reduce complexity, spend less time running scanners and more time developing your business.


Speed Innovation


Deliver innovation to market without sacrificing security. Integrate Gauntlet with your Software Development Life Cycle (SDLC) using our API and find security vulnerabilities before hackers do.

Save Time


Leave the hard work of provisioning servers and installing, updating and managing security scanners to Gauntlet. Spend your time on the activities that must be manual instead.

Reduce Costs


Reduce the cost of identifying security vulnerabilities by combining multiple approaches effortlessly. Also reduce the cost of vulnerability remediation by centralizing results from different tools and setting up policies.

Identify Security Vulnerabilities


Gauntlet makes it easy for you to run multiple security scanners to search for security vulnerabilities in your applications and network devices, such as servers. Those scanners can run Dynamic Application Security Testing (DAST), which tests servers that are running, or Static Application Security Testing (SAST), which tests the application's source code. Running both improves vulnerability detection.



Dashboard & Charts

Gauntlet comes with a Dashboard and Charts for you to show vulnerability trends, issues by technical and business severities, issues by scanners and more. Learn more about Gauntlet Dashboard & Charts.

Multiple Scanners

Gauntlet comes with multiple security scanners to enhance vulnerability detection and give you better coverage. Check out all supported scanners.

Dynamic Application Security Testing (DAST)

Gauntlet performs tests against running applications and network devices, such as servers and Internet of Things (IoT) devices, to look for security vulnerabilities. Learn more about Gauntlet DAST capabilities.

Static Application Security Testing (SAST)

Gauntlet also looks for security vulnerabilities in source code. This is so-called whitebox testing, and it has great coverage. Learn more about Gauntlet SAST capabilities.

Authenticated Scan

Perform security tests behind the login page, even if the scanner doesn't come with built-in support. Learn more about Gauntlet authenticated scan.

Bring Your Own Scanner

Besides our natively supported security scanners, it's possible to use your own scanner and leverage all Gauntlet platform benefits. Learn more about how to Bring Your Own Scanner.

Schedule Scans

We believe in continuous application security, so you can schedule scans periodically to test your applications and servers. Learn more about Gauntlet scan scheduling.

Internal Testing

Applications and servers behind your firewall can be tested by being securely exposed to our scanner using either an SSH tunnel or a Virtual Scan Appliance (VSA). Learn more about Gauntlet internal testing.

Reports

Consolidating results from multiple tools has always been a daunting task. Gauntlet automatically generates a consolidated report for you. Learn more about Gauntlet reports.

Notifications

Get notified about scan management events such as scan start/end/stop/destroy and policy violations. Learn more about Gauntlet notifications.



Manage Issues, Vulnerabilities and Risks


We know that finding issues is only part of the solution. A common challenge is to centralize reports from different tools, prioritize them and act on them. Because of that, we built a smart centralized issue management system that lets you create manual issues, change issue severities and apply policies based on those severities.



Dashboard & Charts

Visualize vulnerability trends, issues by technical and business severities, issues by scanners and more. Learn more about Gauntlet Dashboard & Charts.

Multiple Scanners

You can upload reports from multiple scanners to generate issues on Gauntlet or run them directly from Gauntlet. Check out all supported scanners.

Issue Management

Centralized interface to visualize, filter and act upon issues, vulnerabilities and risks. Mass editing is supported. Learn more about Gauntlet issue management.

Policies

Automatically take action on issues based on criteria defined by you. Learn more about Gauntlet policies.

Smart Operations

Gauntlet automatically performs smart operations after each scan to identify fixed and resurged issues. Learn more about Gauntlet smart operations.

Custom Scanner

You can bring your own scanner, along with a way to convert its results into Gauntlet issues. Learn more about how to Bring Your Own Scanner.

Notifications

Combined with Policies, you can get notified when an application becomes non-compliant or becomes compliant again. Learn more about Gauntlet notifications.

Foreign Reports

If you run scanners outside Gauntlet, you can upload their reports to centralize issues on our platform. Learn more about Foreign Reports.

Certificate Monitoring

Your HTTPS applications' certificates should be monitored; otherwise they may expire and result in a red warning page for all your customers. Learn more about Certificate Monitoring.



Batteries Included


Gauntlet comes with batteries included. We believe that a powerful platform should provide more interesting features for you to enjoy the ride. Notifications, API and Multi-language are some of them. Check them out below:



Multi-language

We believe that Gauntlet should be available in your native language. So far we support English and Portuguese, but more languages will be added soon. Learn more about Gauntlet multi-language feature.

Granular Permissions

Beyond simple 'read and write' permissions, on Gauntlet you can authorize API calls and Groups based on the Class and Method name. Learn more about Gauntlet granular permissions.

Team Collaboration

Gauntlet is organization- and group-oriented, so we natively support Role-Based Access Control (RBAC). Learn more about Gauntlet team collaboration.

API

We're API-oriented: everything you can do in the Web Interface can be done through our API. Calls to our API can leverage our granular permissions system as well. Learn more about Gauntlet API.

Notifications

Get notified about events you choose, with emails sent automatically to groups or individual addresses. Events include scan management and issue policies. Learn more about Gauntlet notifications.

Custom Scanner

You can ask us to add another scanner, or bring your own scanner to perform scans and convert its results into Gauntlet issues. Learn more about how to Bring Your Own Scanner.