Vocabulary
The scoring system NowSecure Platform uses for severity that is now customizable via a calculator in Policy Engine
What is the Common Vulnerability Scoring System (CVSS)?
Free
How much does a mobile SBOM cost?
Medical technology companies can create a custom policy to help comply with this law (though it does not *certify* compliance)
What is HIPAA?
This new-to-Rainier UI option is easy on the eyes
What is Dark Mode?
The information surfaced from a Software Bill of Materials
What are the components of an app (open source libraries, closed source libraries, proprietary code)?
$3k
What is the price for 1 year of baseline integrated testing of 1 app?
These are the 2 different ways that users can apply policy coverage.
What are app level & organization level?
This new to Rainier feature enables users to pick just what they want to see
What is Filtering
The term for “dependencies of dependencies”
What are transitive dependencies?
$8k
What is the price for 1 year of advanced testing of 1 app?
The number of pre-set policies available in the Rainier release of the Policy Engine
What are the 5?
This new-to-Rainier UI option allows users to change how your apps are laid out on the homepage
What is view selector/card and table app view?
Customized compliance requirements, CVSS scores, and reprioritized findings at an organization, team, or app level.
What is a policy?
$16k, $24k, & $32k
What is the price for 1 year of guided testing for 4, 8, and 12 apps respectively?
The one industry standard available as a default policy
What is OWASP MASVS?
This new-to-Rainier section of the Platform security report allows users to create notes, attach useful information, and create an audit trail for analysts.
What is the "Declarations" section of the new security reports?
Rainier exports reports in these 2 file formats
What are .PDF & .JSON?
$15k
What is the cost of a full-scope mobile pentest?
This feature in Policy engine allows you to dynamically change how each finding is scored.
What is the CVSS calculator?
With this new-to-Rainier feature, users can now separate this file from the exported PDF and send it separately to their Dev teams in order to verify vulnerabilities in their code. In Classic, this was included in the security report and could not be separated.
What is an evidence .JSON file?