BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

A New Way of Looking at Vulnerabilities in Your Environment

Posted April 23, 2014    Morey Haber

Assets, users, vulnerabilities and exploits; all are common themes in my posts on BeyondInsight. With BeyondInsight v5.1, we unveiled a new way to view exploitable assets. Sure, most vulnerability management solutions link vulnerability data to exploit information, allowing tools like NeXpose and QualysGuard to list an asset, its vulnerabilities, and any related exploits. BeyondInsight does this and then takes it to the next level.

Taking Prioritization to the Next Level

With version 5.1, BeyondInsight adds Vulnerability-Based Smart Rules to its Asset Smart Rules (which we’ve had for years and other vendors are just beginning to introduce). This is an industry-unique feature because it allows users to pivot and group information based on vulnerability results and findings, rather than solely on groups of assets. As a result, they can better prioritize remediation efforts by filtering vulnerabilities and isolating those currently targeted by known, active exploits.

smart rules manager for vulnerabilities - v2

Focusing on the Vulnerability Data You Care About

Now, BeyondInsight users can easily narrow assessment results down to only those Asset Smart Groups containing vulnerabilities with current exploits – with no data bleed or errant findings. The new Vulnerability Smart Rule also incorporates Boolean logic for additional vulnerability details such as vendor, description, CVE, etc. This allows specific operational teams to tailor vulnerability assessment findings to their specific areas of responsibility. For example, an operations team may only want to view desktops that contain exploitable Microsoft Office applications. The Smart Rule can easily be modified to display only those vulnerabilities relevant to Microsoft Office.

Revealing the Implications of Zero Day Threats  

For another example, consider the recent Microsoft Word zero-day vulnerability recently published and previously discussed in our blog. Given this threat, BeyondInsight can document the following:

  • Which assets the zero-day vulnerability is present on
  • Which assets are exploitable based on the zero day
  • What is the documented vulnerability and proper mitigation until a patch is available
  • Which tools have a published exploit for the zero day
  • Whether the zero day is exploitable from within a common malware framework

BeyondTrust redefines how organizations use vulnerability data. This latest feature helps prioritize vulnerability information by filtering not only the vulnerability list for exploits, but also the asset list. It allows organizations to gain context-aware security intelligence by refining assessment results for the teams that need it most and filtering the risks for dangers that require immediate attention.

> Download the BeyondInsight v5.1 New Features Overview
> Request a free trial
> Learn more about BeyondInsight

Tags:
, , , , ,

Leave a Reply

Additional articles

VMware Hardening Guidelines-img3

How to Audit VMware ESX and ESXi Servers Against the VMware Hardening Guidelines with Retina CS

Posted February 27, 2015    BeyondTrust Research Team

Retina CS Enterprise Vulnerability Management has included advanced VMware auditing capabilities for some time, including virtual machine discovery and scanning through a cloud connection, plus the ability to scan ESX and ESXi hosts using SSH. However, in response to recent security concerns associated with SSH, VMware has disabled SSH by default in its more recent…

Tags:
, , , ,
dave-shackleford-headshot

Privileged Passwords: The Bane of Security Professionals Everywhere

Posted February 19, 2015    Dave Shackleford

Passwords have been with us since ancient times. Known as “watchwords”, ancient Roman military guards would pass a wooden tablet with a daily secret word engraved from one shift to the next, with each guard position marking the tablet to indicate it had been received. The military has been using passwords, counter-passwords, and even sound…

Tags:
, , ,
Privileged Account Management Process

In Vulnerability Management, Process is King

Posted February 18, 2015    Morey Haber

You have a vulnerability scanner, but where’s your process? Most organizations are rightly concerned about possible vulnerabilities in their systems, applications, networked devices, and other digital assets and infrastructure components. Identifying vulnerabilities is indeed important, and most security professionals have some kind of scanning solution in place. But what is most essential to understand is…

Tags:
, , , , ,