BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Getting More Value from QualysGuard Vulnerability Data with BeyondInsight v5.1

Posted April 18, 2014    Morey Haber

If your vulnerability assessment scans can’t produce meaningful and actionable reports, performing a scan does no good for anyone. If you’ve read my other blog posts, you know I have no qualms about stating that BeyondTrust provides the best vulnerability reporting in the industry. Ask your favorite analyst and they’ll tend to agree.

Of course, we understand that many organizations need to run multiple scanners in their environments. Fortunately, the BeyondInsight IT Risk Management Platform makes it easy to understand and act on vulnerability data from several scanners. For instance, with BeyondInsight v5.1, we just made it much easier to get comprehensive reports from your existing QualysGuard scans and data.

BI-Qualys-Connector-IMG2BeyondInsight solves several shortcomings in competing reporting systems and allows organizations to meet their business requirements by providing prioritized, contextual vulnerability and risk data. Consider some of the common problems we hear from customers regarding QualysGuard:

  • The highest cost per asset in the industry based on list pricing
  • All data is present in the cloud only and must be downloaded to spreadsheets or other tools for manipulation
  • Limited reporting capabilities and data longevity restrict long-term reporting needs and flexibility in output
  • Network scanning technology only with no support for local agents or advanced connectors into technologies like VMware

To assist our customers who are also Qualys clients, BeyondInsight v5.1 includes a new QualysGuard Cloud Connector to help bridge reporting shortfalls. BeyondInsight can now seamlessly import QualysGuard vulnerability data on an automated basis, in addition to allowing manual imports of flat files from Qualys, Tenable and Rapid7.

BeyondInsight’s reporting and analytics engine can present QualysGuard data alongside, or independently of, data from BeyondTrust’s own Retina CS Enterprise Vulnerability Management capabilities, which operate within the BeyondInsight platform. Configuring the Qualys connector is easy and only requires a few pieces of subscription information.

Once configured, the Connector will import QualysGuard results and create assets, reports, threat analyzers, heat maps, and data consistent with the native scan results from Retina CS – including being able to set exclusions. Customers also benefit from much more data and additional differentiators when using BeyondTrust’s Retina CS vulnerability management engine. These include (but are not limited to):

  • Enumeration of users, shares, services, processes, ports and installed software
  • Assessment capabilities for ThinApps and other VMware technologies
  • Extensive cloud connectors for Amazon, GoGrid, RackSpace, IBM and VMware
  • Mobile device scanning for BlackBerry, ActiveSync and Android
  • Extensive third-party integration with SEIMs, GRC solutions, Help Desk solutions, and other security tools
  • Benchmark configuration compliance using STIG, Microsoft and CIS templates
  • Malware and exploit toolkit information

BeyondTrust provides unmatched, context-aware visibility into the risks facing the largest, most diverse IT environments. Part of this means working well our customers’ other security solutions, even when those solutions compete with our own. Through features such as the QualysGuard Cloud Connector, BeyondInsight can help customers get more value out their scan data through superior reporting and analytics.

BI-Qualys-Connector-IMG1

For BeyondTrust customers seeking to consolidate and save costs by replacing their external scanning solutions, we offer the BeyondSaaS cloud-based scanning service for assessing externally facing network and web infrastructure. The BeyondInsight platform consolidates reporting and analytics for BeyondSaaS, Retina CS (for internal vulnerability management), and – now – third-party scanning solutions such as QualysGuard. As a result, customers have a single, centralized interface through which to view, analyze and report on their vulnerability management initiatives.

> Learn more about BeyondInsight
> Request a free trial of BeyondSaaS for perimeter scanning

Tags:
, , , , , , , ,

Leave a Reply

Additional articles

red-thumbprint

Why big data breaches won’t always be so easy

Posted September 19, 2014    Byron Acohido

This blog post is republished with the permission of ThirdCertainty. See the original post here. – By: Byron Acohido, Editor-In-Chief, ThirdCertainty Some day, perhaps fairly soon, it will be much more difficult for data thieves to pull off capers like the headline-grabbing hacks of Home Depot and Target. That’s not a pipe dream. It’s the projected outcome…

Tags:
, , , , ,
pbps-blog2

8 Reasons Your Privileged Password Management Solution Will Fail

Posted September 18, 2014    Chris Burd

Leveraging complex, frequently updated passwords is a basic security best practice for protecting privileged accounts in your organization. But if passwords are such a no-brainer, why do two out of three data breaches tie back to poor password management? The fact is that not all privileged password management strategies are created equal, so it’s critical…

Tags:
, , , , , , ,
pbps-customer-campaign-image

You Change Your Oil Regularly; Why Not Your Passwords?

Posted September 11, 2014    Chris Burd

There are many things in life that get changed regularly:  your car oil, toothbrush and hopefully, your bed sheets.  It’s rare that you give these things much thought – even when you forget to change them. But what if you’re forgetting something that can cost you millions of dollars if left unchanged for long periods…

Tags:
, , ,