Our suite of tools is constantly changing to meet the current needs of IT professionals.
Subscription Comparison
| Free | Enterprise |
| FirewallCAT | $0/Limited Trial | $99/month
|
| Quantitative Score | | |
| PCI Module | | |
| Ruleset Analysis | | |
| Ruleset Visualization | | |
| Overall Grade | | |
| WinCAT | | |
| Quantitative Score | | |
| Group Policy Analysis | | |
| Crackulator | | |
| Overall Grade | | |
| WebCAT | | |
| Quantitative Score | | |
| SQL Vulnerability Analysis | | |
| Website Structure Visualization | | |
| Overall Grade | | |
| SocialPET | | |
| Quantitative Score | | |
| Customizable Templates | | |
| Test Multiple Users | | Unlimited
|
| Historical Reporting | | Unlimited |
Overall Grade
|  | |
View Data Sheet
Firewall Audit Tool
The Jetmetric FirewallCAT is a web-based tool that performs two key functions not available in any other firewall audit tool. On the back-end, it detects Access Control List (ACL) errors by mimicking the firewall's thought process and analyzing the rules the same way that the firewall does. Then, on the front-end, it creates an easy-to-comprehend picture of everything that the firewall allows and denies. With this visual representation an IT administrator can easily see the net result of the ACLs without manually analyzing the entire configuration file.
- Scores your firewall configuration quantitatively
- Creates a graphic view of firewall rule set
- Grades overall firewall security (A-F)
- Analyzes rule set policy
- PCI compliance test
- Synactic and rule checks
- Currently works for Cisco firewalls - Sonicwall, Fortinet, and IPTables to be released soon
Enterprise-Wide Windows Active Directory (AD) Analysis
The Jetmetric WinCAT-AD (Windows Configuration Analysis Tools - Active Directory) is a powerful program that allows Domain Administrators the ability to see how their Group Policies are applied throughout their Microsoft's Active Directory environment. In contrast to built in Microsoft functionality that allows one to test a single object at a time, this security auditing tool reviews implemented Group Policy settings domain wide and outputs an easy-to-understand, browser-generated report.
- Scores your Group Policy security settings quantitatively
- Compare Group Policy security setting implementation against corporate policies and best practices
- Analyze entire enterprise servers and workstations from a single point
- Agentless enterprise-wide architecture
- Identify unused but important AD Group Policy Object (GPO) settings
Website SQL Injection Test
WebCAT uses a number of search engines to get a full list of web pages for a given website. It cross-references this list with a list of common web vulnerabilities (GoogleDorks) in order to identify trivially vulnerable pages. It then identifies and connects to each webpage that accepts user input with a number of non-invasive checks in order to see if the website replies with an error page. Depending on the nature of the error page, it may indicate information disclosure to possible website defacement. WebCAT is also able to identify other common web problems, such as outdated server information, and sensitive information stored in web page comments.
- Determine if your website is vulnerable to the single biggest risk to website compromise
- 1 of 10 sites on the internet are currently exploitable to visible SQL injection
- Find pages on your site that are vulnerable to an automated SQL injection
- Find pages potentially vulnerable to a blind attack
Email Phishing Social Engineering Tool
SocialPET (Policy Evaluation Tool) provides an automated process to test employees awareness of IT policies and common security risks. Email Social Engineering or "Phishing" is a common method used by attackers on the Internet to extract sensitive information, such as passwords, from people via email. SocialPET allows an IT or Security Administrator to craft an email with an embedded link to entice a user to supply their password. After the job is initiated, the administrator can view the results of how many people clicked the link in the email or even worse, disclosed their password. Each test and its results are saved, so improvement can be monitored over time. Even after a single test, success rates often dramatically change on subsequent tests.
- Test your employees willingness to click on untrusted emails
- See your security grade based on how many employees disclose their passwords
- Choose and customize multiple email templates to map the test to your environment
- Run multiple tests and track improvement over time
- Compare your success rate to others in the industry
Social PET Video Featuring Joel Parrish, Jetmetric Security Engineer
