BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

A New Way of Looking at Vulnerabilities in Your Environment

Posted April 23, 2014    Morey Haber

Assets, users, vulnerabilities and exploits; all are common themes in my posts on BeyondInsight. With BeyondInsight v5.1, we unveiled a new way to view exploitable assets. Sure, most vulnerability management solutions link vulnerability data to exploit information, allowing tools like NeXpose and QualysGuard to list an asset, its vulnerabilities, and any related exploits. BeyondInsight does this and then takes it to the next level.

Taking Prioritization to the Next Level

With version 5.1, BeyondInsight adds Vulnerability-Based Smart Rules to its Asset Smart Rules (which we’ve had for years and other vendors are just beginning to introduce). This is an industry-unique feature because it allows users to pivot and group information based on vulnerability results and findings, rather than solely on groups of assets. As a result, they can better prioritize remediation efforts by filtering vulnerabilities and isolating those currently targeted by known, active exploits.

smart rules manager for vulnerabilities - v2

Focusing on the Vulnerability Data You Care About

Now, BeyondInsight users can easily narrow assessment results down to only those Asset Smart Groups containing vulnerabilities with current exploits – with no data bleed or errant findings. The new Vulnerability Smart Rule also incorporates Boolean logic for additional vulnerability details such as vendor, description, CVE, etc. This allows specific operational teams to tailor vulnerability assessment findings to their specific areas of responsibility. For example, an operations team may only want to view desktops that contain exploitable Microsoft Office applications. The Smart Rule can easily be modified to display only those vulnerabilities relevant to Microsoft Office.

Revealing the Implications of Zero Day Threats  

For another example, consider the recent Microsoft Word zero-day vulnerability recently published and previously discussed in our blog. Given this threat, BeyondInsight can document the following:

  • Which assets the zero-day vulnerability is present on
  • Which assets are exploitable based on the zero day
  • What is the documented vulnerability and proper mitigation until a patch is available
  • Which tools have a published exploit for the zero day
  • Whether the zero day is exploitable from within a common malware framework

BeyondTrust redefines how organizations use vulnerability data. This latest feature helps prioritize vulnerability information by filtering not only the vulnerability list for exploits, but also the asset list. It allows organizations to gain context-aware security intelligence by refining assessment results for the teams that need it most and filtering the risks for dangers that require immediate attention.

> Download the BeyondInsight v5.1 New Features Overview
> Request a free trial
> Learn more about BeyondInsight

Tags:
, , , , ,

Leave a Reply

Additional articles

powerbroker-for-mac-diagram-small

PowerBroker for Mac: A Least-Privileged Apple a Day…

Posted July 27, 2015    Jason Silva

BeyondTrust PowerBroker for Mac reduces the risk of privilege misuse by enabling standard users on Mac OS X to perform administrative tasks successfully without entering elevated credentials.

Tags:
, ,
PrivilegedAccountManagement

On Demand Webinar – Now is the time for Privileged Account Management

Posted July 24, 2015    BeyondTrust Software

In this webinar, SANS Instructor and Founder of Voodoo Security, Dave Shackleford, will revisit several hacking and breach scenarios that involved privileged accounts, and use these as examples while discussing tools and tactics to get this problem under control once and for all.

Tags:
, ,
dave-shackleford-headshot

Privileged Account Management: The Time is Now

Posted July 22, 2015    Dave Shackleford

There’s plenty of problems we don’t have great options for in InfoSec today. Malware is a pain point that keeps evolving rapidly. 0-day exploits are tough to prepare for. Privileged account management? We got this. We know the root causes, we know how it manifests, we know how to get it under control effectively, and there are great technology solutions that are enterprise-class.

Tags:
, ,