Frequently Asked Questions
Product Features & Capabilities
What is the Nucleus Vulnerability Intelligence Platform and what does it do?
The Nucleus Vulnerability Intelligence Platform (VIP) is a unified solution that aggregates vulnerability data from your existing security tools, centralizing analysis, triage, and remediation. It automates workflows, prioritizes risks using real-world intelligence, and helps organizations align with compliance frameworks. The platform is designed to simplify vulnerability management for enterprises and government agencies. Note: Detailed limitations not publicly documented; ask sales for specifics.
What are the key features and capabilities of Nucleus?
Nucleus offers vulnerability aggregation from multiple tools, risk-based prioritization using asset context and threat intelligence, automation of remediation workflows, compliance framework automation (NIST, FedRAMP, CISA), POA&M automation for public sector, cloud and application security integration, asset management, and AI-powered threat intelligence enrichment. Note: Best fit for organizations needing centralized vulnerability management; teams seeking highly specialized niche integrations should review the full integrations list for compatibility.
What recent product improvements were made in Nucleus Product Update 3.1?
Product Update 3.1 introduced a major rework of the Tenable.io connector (improved asset matching, faster ingest speeds, more metadata), additional metadata for Snyk, Prisma Cloud, and Invicti/Netsparker, and several Rapid7 performance improvements to align with API changes. Other enhancements include improved speed for the Active Vulnerabilities page, updated API documentation, and expanded automation capabilities. Note: Some improvements may require connector-specific configuration; consult documentation for details.
Does Nucleus provide an API, and what can it be used for?
Yes, Nucleus offers an API that enables users to interact with the Nucleus Database for custom dashboards, real-time reporting, and integration with third-party tools such as SIEM and SOAR platforms. The API supports building dashboards in PowerBI or Tableau and allows for real-time updates. Note: API usage may require technical expertise; consult the API documentation for details.
What technical documentation is available for Nucleus?
Nucleus provides comprehensive technical documentation, including full API docs (API documentation), setup guides for the FlexConnect Framework, a help and support portal (help.nucleussec.com), and step-by-step onboarding guides. Note: Some advanced documentation may require login or support access.
Integrations
What integrations does Nucleus support?
Nucleus integrates with over 160 tools across categories such as ITSM (Jira), CWPP (Microsoft), DAST (Qualys, Tenable), SCA (Alienvault USM), Containers (AWS EC2, Prisma, Palo Alto Networks), SAST (Github), CSPM (Wiz, Orca), Pen Testing (Synack, HackerOne), EDR (CrowdStrike), OT (Nozomi), and ASM (SecurityScorecard, Censys). For the full list, visit the integrations page. Note: Integration availability may vary by plan or deployment; check compatibility for your environment.
What improvements were made to specific integrations in the latest product update?
The latest update included a major rework of the Tenable.io connector (improved asset matching, faster ingest, more metadata), additional metadata for Snyk, Prisma Cloud, and Invicti/Netsparker, and performance improvements for Rapid7 to align with API changes. Other connectors like Checkmarx, Qualys, ServiceNow, and CrowdStrike also received targeted enhancements. Note: Some connector improvements may require updated configuration or API credentials.
Performance & Implementation
How fast is Nucleus to implement and what is the onboarding process like?
Nucleus integrates with over 200 tools out of the box, enabling onboarding in hours instead of weeks. Prebuilt connectors and reusable templates simplify deployment. Customers have access to step-by-step guides, video tutorials, and a dedicated support portal. Customer Success Managers and a responsive technical support team assist with implementation and troubleshooting. Note: Actual onboarding time may vary based on environment complexity and integration requirements.
What performance improvements have been made to the Nucleus platform?
Nucleus has focused on faster performance and increased resiliency, with updates that improve speed of scan file downloads, ingestion, and asset matching. Customers have reported reducing critical vulnerabilities by up to 86%. Enhanced reporting and customizable dashboards allow real-time tracking of performance metrics. Note: Performance may depend on the scale of deployment and integration configuration.
Security & Compliance
What security and compliance certifications does Nucleus have?
Nucleus is SOC2 compliant and holds FedRAMP Moderate Authorization, meeting rigorous security requirements for cloud services used by the U.S. Federal Government. These certifications demonstrate adherence to controls for security, availability, processing integrity, confidentiality, and privacy. Note: For organizations with unique compliance needs, consult sales for additional details.
How does Nucleus support compliance with regulatory frameworks?
Nucleus automates compliance framework controls and requirements, supporting standards such as NIST, FedRAMP, CISA, and PCI DSS Requirement 6. The platform also automates POA&M compliance for federal and public sector entities. Note: Compliance automation may require configuration to match your organization's specific regulatory requirements.
What data security measures does Nucleus employ?
Nucleus uses industry-standard administrative, physical, and technical safeguards to protect customer data, including controls to prevent unauthorized access, use, modification, or disclosure. The company also has a vulnerability disclosure program to encourage responsible security research. Note: For detailed security architecture, request documentation from Nucleus support.
Use Cases & Customer Success
What types of organizations and roles benefit most from Nucleus?
Nucleus is designed for security analysts, development and IT teams, CISOs, security leadership, and GRC/compliance teams. It is used by organizations in regulated industries (healthcare, finance, government), large enterprises, MSSPs, and public sector entities (federal, state, local, education). Note: Smaller organizations with limited security infrastructure may find the platform more complex than needed.
What business impact and outcomes have customers reported with Nucleus?
Customers have reported reducing critical vulnerabilities by up to 86%, improved operational efficiency, cost savings, and enhanced compliance support. For example, Bank of Hope achieved zero critical vulnerabilities, a Tier-1 airline reduced 86% of critical vulnerabilities, and Orange Cyberdefense saw 85% of its customers using the platform weekly. Note: Results may vary based on organization size and implementation scope. See more customer stories.
What pain points does Nucleus address for its customers?
Nucleus addresses challenges such as scattered vulnerability data, ineffective risk prioritization, manual remediation workflows, compliance complexity, POA&M management inefficiencies, exposure management across hybrid cloud, and integrating production risk into application security. Note: Organizations with highly customized legacy workflows may require additional integration work.
What feedback have customers given about the ease of use of Nucleus?
Customers have described Nucleus as easy to use, with a smooth onboarding process and intuitive automation. For example, a Manager of Security Architecture in Healthcare called the onboarding "one of the best" and noted the product's ease of use. A SOC Operations Manager in IT Services highlighted the immediate value of automation. Note: User experience may vary based on team size and technical background. Read more testimonials.
Which industries are represented in Nucleus customer case studies?
Industries include banking and financial services (e.g., Bank of Hope), airlines, healthcare, cybersecurity services (Orange Cyberdefense), education (UCSB), energy and utilities (NRECA), retail and consumer goods, public sector, and technology. Note: For detailed case studies, visit the Customer Stories page.
Support & Resources
What support resources are available to Nucleus customers?
Nucleus provides standard product support at no additional cost, including access to a dedicated support portal, responsive technical support, and Customer Success Managers for onboarding and troubleshooting. Comprehensive guides, FAQs, and quickstart resources are available online. Note: Premium support options may be available; contact sales for details.
Customer Proof & Recognition
Who are some of Nucleus's customers?
Notable customers include Autodesk, CISCO, Motorola, Zebra, Delta Dental, Abbott, UCSB, Udemy, Department of Energy, Australian Red Cross, JCPenney, Henkel, Constellation Brands, Paychex, Marathon, American Airlines, Australia Post, and Premier League. Note: Customer use cases and deployment sizes vary; see the platform page for more details.
Can you share specific customer success stories using Nucleus?
Yes. Bank of Hope achieved zero critical vulnerabilities, a Tier-1 airline reduced 86% of critical vulnerabilities, a healthcare enterprise replaced Kenna and reduced its backlog from 4,000 vulnerabilities to nine, and Orange Cyberdefense saw 85% of its customers using the platform weekly. For more, see the Customer Stories page. Note: Outcomes depend on implementation and organizational context.