Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Now Available: Retina Unlimited – $1,200 Unlimited IP Addresses

Posted October 8, 2013    Marc Maiffret

It has been over 15 years since we first introduced Retina, the Network Security Scanner, to the world. In those early days the vulnerability assessment space was still in its infancy with much of the focus being around scanning network based services for remotely exploitable vulnerabilities. Back then there were no compliance mandates or policies that created awareness or a must-have reason to use vulnerability assessment. Rather, those early adopters understood that while attacks and threats might evolve they would still largely rely on leveraging unpatched vulnerabilities and misconfigured software. If one thing is clear in the last 15 years it is that indeed organizations are still most commonly hacked via unpatched and misconfigured systems, as malware based threats continue to explode in a way that is clearly untenable.

Just as the threats have advanced so too has the technology for assessing systems for vulnerabilities. What 15 years ago was more of a tools based approach used by pioneering IT administrators has today become a corner stone for most enterprise security processes. The evolution of vulnerability assessment into vulnerability management has come both because of new technological and business requirements. Vulnerability management has become an important tool in meeting the compliance mandates of different industries. It has also been critical in helping organizations prioritize vulnerabilities enterprise-wide based on exploit and threat analytics.

BeyondTrust (and formerly eEye Digital Security) has been a leading pioneer in the vulnerability management space and over the last several years has built up a robust enterprise platform for meeting both compliance and risk assessment needs. Our Retina CS technology has been a leader in its class, in both reporting and analytics, that allows for an easily customizable risk assessment of an organization’s overall security posture. Part of what makes our enterprise offering so capable is our highly evolved vulnerability scanning engine; Retina Network Security Scanner.

Since its inception more than 15 years ago, Retina Network has continued to be the backbone of our vulnerability assessment capabilities. Retina Network has evolved not only as the engine feeding our enterprise Retina CS solution, but as a great standalone product for any IT toolkit. The art of scanning for vulnerabilities is sometimes taken for granted by those whom look at the world of vulnerabilities through the lens of something like Microsoft’s Patch Tuesday. In fact now more than any time previously our industry needs to be pushing the boundaries of what it means to assess an organizations vulnerabilities.

Retina Network has continued to be a pioneer in pushing the art of vulnerability assessment forward by expanding our thinking of vulnerabilities beyond something as simple as outdated software or a system misconfiguration. We have innovated to be able to do amazing things such as performing a vulnerability assessment against completely powered off virtual machines or assessing how secure a system is based not on its configuration alone but based on the system’s overall network security perimeter and common best practices such as egress filtering or filtering of direct executable downloads.

Just as our technology has evolved so too has our business. As centralized Vulnerability Management solutions, like our Retina CS platform, have continued to flourish and take center stage the dynamics of business and our market has changed. This has resulted in newer robust solutions for customers and tremendous growth for us as a company and our industry overall. Throughout all the iterations of our market, though, one fact has remained constant; a robust standalone vulnerability assessment product is a great tool to have in every IT toolkit regardless of any enterprise wide vulnerability management deployment.

It is to that end that we are extremely excited to be announcing Retina Unlimited. A new licensing model for our standalone Retina Network Security Scanner that allows for vulnerability assessment against an unlimited number of IP addresses for just $1,200. We look forward to hearing from you about the features and ideas you have as we continue to provide not only the best enterprise vulnerability management solutions in the market but also the most cost effective and robust vulnerability assessment solution for any IT toolkit. Learn more about Retina Network Security Scanner Unlimited here.


Marc Maiffret

, , , , ,

Leave a Reply

Additional articles

VMware Hardening Guidelines-img3

How to Audit VMware ESX and ESXi Servers Against the VMware Hardening Guidelines with Retina CS

Posted February 27, 2015    BeyondTrust Research Team

Retina CS Enterprise Vulnerability Management has included advanced VMware auditing capabilities for some time, including virtual machine discovery and scanning through a cloud connection, plus the ability to scan ESX and ESXi hosts using SSH. However, in response to recent security concerns associated with SSH, VMware has disabled SSH by default in its more recent…

, , , ,

Privileged Passwords: The Bane of Security Professionals Everywhere

Posted February 19, 2015    Dave Shackleford

Passwords have been with us since ancient times. Known as “watchwords”, ancient Roman military guards would pass a wooden tablet with a daily secret word engraved from one shift to the next, with each guard position marking the tablet to indicate it had been received. The military has been using passwords, counter-passwords, and even sound…

, , ,
Privileged Account Management Process

In Vulnerability Management, Process is King

Posted February 18, 2015    Morey Haber

You have a vulnerability scanner, but where’s your process? Most organizations are rightly concerned about possible vulnerabilities in their systems, applications, networked devices, and other digital assets and infrastructure components. Identifying vulnerabilities is indeed important, and most security professionals have some kind of scanning solution in place. But what is most essential to understand is…

, , , , ,