Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Now Available: Retina Unlimited – $1,200 Unlimited IP Addresses

Posted October 8, 2013    Marc Maiffret

It has been over 15 years since we first introduced Retina, the Network Security Scanner, to the world. In those early days the vulnerability assessment space was still in its infancy with much of the focus being around scanning network based services for remotely exploitable vulnerabilities. Back then there were no compliance mandates or policies that created awareness or a must-have reason to use vulnerability assessment. Rather, those early adopters understood that while attacks and threats might evolve they would still largely rely on leveraging unpatched vulnerabilities and misconfigured software. If one thing is clear in the last 15 years it is that indeed organizations are still most commonly hacked via unpatched and misconfigured systems, as malware based threats continue to explode in a way that is clearly untenable.

Just as the threats have advanced so too has the technology for assessing systems for vulnerabilities. What 15 years ago was more of a tools based approach used by pioneering IT administrators has today become a corner stone for most enterprise security processes. The evolution of vulnerability assessment into vulnerability management has come both because of new technological and business requirements. Vulnerability management has become an important tool in meeting the compliance mandates of different industries. It has also been critical in helping organizations prioritize vulnerabilities enterprise-wide based on exploit and threat analytics.

BeyondTrust (and formerly eEye Digital Security) has been a leading pioneer in the vulnerability management space and over the last several years has built up a robust enterprise platform for meeting both compliance and risk assessment needs. Our Retina CS technology has been a leader in its class, in both reporting and analytics, that allows for an easily customizable risk assessment of an organization’s overall security posture. Part of what makes our enterprise offering so capable is our highly evolved vulnerability scanning engine; Retina Network Security Scanner.

Since its inception more than 15 years ago, Retina Network has continued to be the backbone of our vulnerability assessment capabilities. Retina Network has evolved not only as the engine feeding our enterprise Retina CS solution, but as a great standalone product for any IT toolkit. The art of scanning for vulnerabilities is sometimes taken for granted by those whom look at the world of vulnerabilities through the lens of something like Microsoft’s Patch Tuesday. In fact now more than any time previously our industry needs to be pushing the boundaries of what it means to assess an organizations vulnerabilities.

Retina Network has continued to be a pioneer in pushing the art of vulnerability assessment forward by expanding our thinking of vulnerabilities beyond something as simple as outdated software or a system misconfiguration. We have innovated to be able to do amazing things such as performing a vulnerability assessment against completely powered off virtual machines or assessing how secure a system is based not on its configuration alone but based on the system’s overall network security perimeter and common best practices such as egress filtering or filtering of direct executable downloads.

Just as our technology has evolved so too has our business. As centralized Vulnerability Management solutions, like our Retina CS platform, have continued to flourish and take center stage the dynamics of business and our market has changed. This has resulted in newer robust solutions for customers and tremendous growth for us as a company and our industry overall. Throughout all the iterations of our market, though, one fact has remained constant; a robust standalone vulnerability assessment product is a great tool to have in every IT toolkit regardless of any enterprise wide vulnerability management deployment.

It is to that end that we are extremely excited to be announcing Retina Unlimited. A new licensing model for our standalone Retina Network Security Scanner that allows for vulnerability assessment against an unlimited number of IP addresses for just $1,200. We look forward to hearing from you about the features and ideas you have as we continue to provide not only the best enterprise vulnerability management solutions in the market but also the most cost effective and robust vulnerability assessment solution for any IT toolkit. Learn more about Retina Network Security Scanner Unlimited here.


Marc Maiffret

, , , , ,

Leave a Reply

Additional articles

Are Your Data Security Efforts Focused in the Right Area?

Posted January 28, 2015    Scott Lang

Vormetric Data Security recently released an insider threat report, with research conducted by HarrisPoll and analyzed by Ovum. Based on the survey responses, it is apparent that there is still a great deal of insecurity over data. However, the results also show that there may be misplaced investments to address those insecurities. I will explain…


GHOST Vulnerability…Scary Indeed

Posted January 28, 2015    BeyondTrust Research Team

A vulnerability discovered by Qualys security researchers has surfaced within the GNU C Library that affects virtually all Linux operating systems. The vulnerability lies within the various gethostbyname*() functions and, as such, has been dubbed “GHOST.” GHOST is particularly nasty considering remote, arbitrary code execution can be achieved. In an effort to avoid taxing DNS lookups, glibc developers introduced…


Your New Years Resolution: Controlling Privileged Users

Posted January 27, 2015    Dave Shackleford

Is 2015 the year you get a better handle on security? The news last year was grim – so much so, in fact, that many in the information security community despaired a bit. Really, the end-of-the-year infosec cocktail parties were a bit glum. OK, let’s be honest, infosec cocktail parties are usually not that wild…

, , ,