NAVEX IRM Integrations

Rayven designs and delivers operational systems for industrial and asset-intensive businesses. We connect fragmented data from IT, OT, IoT, files, and existing systems - anything - without rip-and-replace, then turn it into automation and made-to-fit operational solutions that run in a single environment. Rayven is built for real operational conditions - sites, assets, field teams, production, logistics, and infrastructure. Teams get real-time visibility and automated workflows that reduce manual work, close gaps between systems, and improve coordination across operations. Everything is delivered end-to-end. Rayven designs the solution, provides the underlying technology, deploys it, and supports it over time - without requiring internal development teams or large implementation projects. Rayven works directly with customers and via partners through white-label and co-branded solutions. Based in Australia and New Zealand, supporting industrial organisations globally.

As the market leader in automated web application security testing, Acunetix by Invicti is the go-to security tool for Fortune 500 companies. DevSecOps teams can cut through the noise to uncover unseen risks and mitigate dangerous exploits, detecting and reporting on a wide array of vulnerabilities. With an industry-leading crawler that fully supports HTML5, JavaScript, and Single-page applications, Acunetix enables the auditing of complex, authenticated applications for deeper insight into an organization's risk posture. It's a leader for a reason: the technology behind Acunetix delivers the only product on the market that can automatically detect out-of-band vulnerabilities to enable comprehensive management, prioritization, and control for vulnerability threats by criticality. Plus, it's available both online and as an on-prem solution, integrating with popular issue trackers and WAFs so that DevSecOps teams don't have to slow down when building innovative apps.

The NAVEX One Governance, Risk, and Compliance Information System (GRC-IS) helps to create a stronger corporate culture backed by business integrity because it unifies your risk and compliance program into one holistic solution. This provides a comprehensive view of your GRC program to better manage all types of risks that come from doing business such as employee actions, constantly changing regulations, and global events. This comprehensive system streamlines how your employees, third parties, and business processes work together. Our cloud-based suite of proven solutions helps you manage risk and compliance processes like onboarding new employees with ethics training and policy attestations, screening and monitoring third parties and automating business processes by integrating risk discovery and workflows. And with experience handling the data of thousands of customers, we know how to improve the bottom line with insights from data to drive better decision-making.

You transform your business, we’ll keep your cloud services secure. InsightCloudSec enables you to drive innovation through continuous security and compliance. Achieve continuous security and compliance and prevent misconfigurations through unified visibility and monitoring and real-time automated remediation. Secure configurations and workloads through automated cloud security and vulnerability management across dynamic cloud environments. Manage identity and effective access across ephemeral resources, at scale. InsightCloudSec is a fully-integrated cloud-native security platform, your whole cloud security toolbox in a single solution. Consumer privacy (or the lack thereof) is a huge societal concern and the focus on protecting privacy is manifesting itself through many forms, including regulations like the California Consumer Privacy Act and General Data Protection Regulation.

Robust cloud solution for continuous web app discovery and detection of vulnerabilities and misconfigurations. Fully cloud-based, it’s easy to deploy and manage, and scales to millions of assets. WAS finds and catalogs all web apps in your network, including new and unknown ones, and scales from a handful of apps to thousands. With Qualys WAS, you can tag your applications with your own labels and then use those labels to control reporting and limit access to scan data. WAS’ dynamic deep scanning covers all apps on your perimeter, in your internal environment and under active development, and even APIs that support your mobile devices. It also covers public cloud instances, and gives you instant visibility of vulnerabilities like SQLi and XSS. Authenticated, complex and progressive scans are supported. With programmatic scanning of SOAP and REST API services, WAS tests IoT services and APIs used by mobile apps and modern mobile architectures.

Automated risk assessments tuned to match your risk appetite. Get the intimate risk performance assessments you need to efficiently manage your third-party risk. RiskRecon’s deep transparency and risk contextualized insights enable you to understand the risk performance of each vendor. RiskRecon’s workflow enables you to easily engage your vendors to realize good risk outcomes. RiskRecon knows a lot about your systems. Know what RiskRecon knows. Get continuous objective visibility of your entire internet risk surface, spanning managed, shadow and forgotten IT. RiskRecon knows a lot about your systems. Know what RiskRecon knows. Get continuous objective visibility of your entire internet risk surface, spanning managed, shadow and forgotten IT. See the intimate details of every system, the detailed IT profile and security configuration. We’ll even show you the data types at risk in every system. RiskRecon’s asset attribution is independently certified to 99.1% accuracy.

NAVEX One GRC Information System’s hotline and incident management solution captures and investigates ethics and compliance reports from across the organization in a centralized database. Role and rule-based routing and automated workflows will systemize and streamline processes from intake to investigation to case closure​. This way, you can apply the knowledge gained from your incident management program to enhance training programs, modify policies or revise your code of conduct. EthicsPoint provides a consistent process from intake/investigation to reporting/analysis and creates the audibility that Dodd-Frank, UK Bribery Act, and FCPA investigators demand.​ Our professional communication specialists are available 24/7/365, and our system availability is ensured by end-to-end networking redundancy and scalability. ​