BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Getting More Value from QualysGuard Vulnerability Data with BeyondInsight v5.1

Posted April 18, 2014    Morey Haber

If your vulnerability assessment scans can’t produce meaningful and actionable reports, performing a scan does no good for anyone. If you’ve read my other blog posts, you know I have no qualms about stating that BeyondTrust provides the best vulnerability reporting in the industry. Ask your favorite analyst and they’ll tend to agree.

Of course, we understand that many organizations need to run multiple scanners in their environments. Fortunately, the BeyondInsight IT Risk Management Platform makes it easy to understand and act on vulnerability data from several scanners. For instance, with BeyondInsight v5.1, we just made it much easier to get comprehensive reports from your existing QualysGuard scans and data.

BI-Qualys-Connector-IMG2BeyondInsight solves several shortcomings in competing reporting systems and allows organizations to meet their business requirements by providing prioritized, contextual vulnerability and risk data. Consider some of the common problems we hear from customers regarding QualysGuard:

  • The highest cost per asset in the industry based on list pricing
  • All data is present in the cloud only and must be downloaded to spreadsheets or other tools for manipulation
  • Limited reporting capabilities and data longevity restrict long-term reporting needs and flexibility in output
  • Network scanning technology only with no support for local agents or advanced connectors into technologies like VMware

To assist our customers who are also Qualys clients, BeyondInsight v5.1 includes a new QualysGuard Cloud Connector to help bridge reporting shortfalls. BeyondInsight can now seamlessly import QualysGuard vulnerability data on an automated basis, in addition to allowing manual imports of flat files from Qualys, Tenable and Rapid7.

BeyondInsight’s reporting and analytics engine can present QualysGuard data alongside, or independently of, data from BeyondTrust’s own Retina CS Enterprise Vulnerability Management capabilities, which operate within the BeyondInsight platform. Configuring the Qualys connector is easy and only requires a few pieces of subscription information.

Once configured, the Connector will import QualysGuard results and create assets, reports, threat analyzers, heat maps, and data consistent with the native scan results from Retina CS – including being able to set exclusions. Customers also benefit from much more data and additional differentiators when using BeyondTrust’s Retina CS vulnerability management engine. These include (but are not limited to):

  • Enumeration of users, shares, services, processes, ports and installed software
  • Assessment capabilities for ThinApps and other VMware technologies
  • Extensive cloud connectors for Amazon, GoGrid, RackSpace, IBM and VMware
  • Mobile device scanning for BlackBerry, ActiveSync and Android
  • Extensive third-party integration with SEIMs, GRC solutions, Help Desk solutions, and other security tools
  • Benchmark configuration compliance using STIG, Microsoft and CIS templates
  • Malware and exploit toolkit information

BeyondTrust provides unmatched, context-aware visibility into the risks facing the largest, most diverse IT environments. Part of this means working well our customers’ other security solutions, even when those solutions compete with our own. Through features such as the QualysGuard Cloud Connector, BeyondInsight can help customers get more value out their scan data through superior reporting and analytics.

BI-Qualys-Connector-IMG1

For BeyondTrust customers seeking to consolidate and save costs by replacing their external scanning solutions, we offer the BeyondSaaS cloud-based scanning service for assessing externally facing network and web infrastructure. The BeyondInsight platform consolidates reporting and analytics for BeyondSaaS, Retina CS (for internal vulnerability management), and – now – third-party scanning solutions such as QualysGuard. As a result, customers have a single, centralized interface through which to view, analyze and report on their vulnerability management initiatives.

> Learn more about BeyondInsight
> Request a free trial of BeyondSaaS for perimeter scanning

Tags:
, , , , , , , ,

Leave a Reply

Additional articles

normal-blog-img

New IT Security Best Practices for Maintaining “Business as Usual” Despite Evolving Threats

Posted August 13, 2014    Morey Haber

It’s time to get back to business. Here in the U.S., summer vacations are wrapping up and businesses are looking forward to closing out 2014. Over the past year, we’ve seen several incidents that warrant changes in the ways consumers make purchases and businesses conduct transactions. Consider last week’s theft of a whopping 1.2 billion…

Tags:
, , ,

Retina Vulnerability Audits – August 2014 Patch Tuesday

Posted August 12, 2014    BeyondTrust Research Team

The following is a list of Retina vulnerability audits for this August 2014 Patch Tuesday: MS14-043 - Vulnerability in Windows Media Center Could Allow Remote Code Execution (2978742) 34924 – Microsoft WMC Remote Code Execution (2978742) MS14-044 - Vulnerabilities in SQL Server Could Allow Elevation of Privilege (2984340) 34915 – Microsoft SQL Server Multiple Vulnerabilities (2984340) – 2008 34916 –…

patch-tuesday

August 2014 Patch Tuesday

Posted August 12, 2014    BeyondTrust Research Team

This August Microsoft has released nine security bulletins which account for a whole variety of critical vulnerabilities. The most critical bulletins are MS14-051 (Internet Explorer), MS14-045 (Kernel-mode), and MS14-049 (Windows Installer). MS14-043 fixes a critical code execution vulnerability within Windows Media Center (people still use that?). The vulnerability itself is specifically within a COM object…

Tags:
, , ,