Merge.io

Merge_Logo_200

Merge.io aggregates your vulnerability data into a single application and simplifies the process of tracking the actions that are performed on each vulnerability during the remediation process. Vulnerabilities are organized into time based projects, filtered by risk and compliance initiatives and assigned to users for remediation.

Merge.io was developed from an operational point of view to provide a centralized platform to manage large data sets from discovery to proof of closure. From analysis, workflow, false positive management and through to remediation, Merge.io provides a “closed-loop” approach to managing vulnerabilities.

www.merge.io 

Features

Vulnerability Aggregation

Merge.io has the ability to aggregate vulnerability data from different vulnerability identification platforms. This aggregation can be accomplished via scan data uploads or integrated with our RESTful API for higher levels of automation.

Merge.io supports Nessus, Qualys, Rapid7 Nexpose vulnerability scanners and more!

Customized Risk Profiles

Merge.io allows you to build highly customized risk profile filters using the profile builder. These risk profiles contain specific rules that define which vulnerabilities that you want to include and exclude for remediation tracking. As the platform imports your vulnerability result data, Merge.io applies the customized risk profile to include or exclude the vulnerabilities accordingly.

Analysis Filter and Sort

Merge.io offers a complex filter and search feature that enables you to build custom filters to group vulnerabilities together and allows you to take bulk action on the grouped vulnerabilities. Vulnerabilities can be searched and sorted by description, risk, CVSS score, IP address, service, port and more.

Vulnerability Workflow Management

Merge.io contains a purpose-built workflow that was specifically designed for working with vulnerability data. It allows for the assignment of vulnerabilities and the tracking of all actions taken down to the validation of closure via automated scan-data analysis. The workflow functions similar to a ticketing system, retaining the full history of each individual vulnerability.

Screenshots

Screenshot 2019 04 15 15.44.35
Screenshot 2019 04 15 15.40.36
Screenshot 2019 04 15 15.41.49
Screenshot 2019 04 15 15.42.19