BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Plugging Into Your Remediation Process

Posted June 21, 2011    Morey Haber

My team and I have spoken with a number of analysts and have confirmed that the plethora of vulnerability assessment solutions on the market share a common trait and a common flaw, the shear volume of reports that can be created based on a vulnerability assessment. Every scan can lead to a myriad of hosts and vulnerabilities that need remediation and pages upon pages of work for another team to execute upon. This is where Unified Vulnerability Management plugs into a remediation process. In some organizations, this process is a paper based report (or PDF) forwarded to the server or desktop administration team to apply security patches or a process of opening help desk tickets to various team members to perform remediation. Both of which is very labor intensive. Some organizations have embarked on patch management integration to streamline the process and others believe in a separate and distinct separation of duties.

The process regardless of the internal procedures to pass data generally looks like this:

An assessment finds the vulnerability, something or someone mitigates the security risk, the risk is verified remediated, and final reports trend the progress over time. The labor intensive process occurs between the first two steps as volumes of reports are produced and an administrator must decipher them to apply the appropriate patch and ultimately deploy it using tools or even “sneaknet” for all affected systems.

This is where eEye can help. eEye’s Unified Vulnerability Management approach considers the vulnerability assessment and patch mitigation as in an integrated step in the process. Users can go from vulnerability identification to patch deployment in one easy step with complete role based access and without the need for lengthy reports and manual procedures.  In fact, this integrated process also includes protection against threats even if the patch is not deployed. Below is a screenshot directly from the Retina CS management console that highlights this functionality:

Essentially, eEye has plugged the remediation process directly into vulnerability assessment. This removes the burden that analysts and users agree upon. How to shorten the time from vulnerability identification, report generation, and patch mitigation to nearly day zero with out the need for tons of reports and manual intervention. Environments with strict segregation of responsibilities can also benefit from this approach due to the unique role based capabilities built into the solution.

For more information on how eEye can help integrate your remediation process directly into vulnerability assessment, please click here.

Additional articles

ovum-research

New Analyst SWOT Assessment Identifies Key Strengths of PowerBroker

Posted November 24, 2014    Scott Lang

Following on the heels of the Gartner PAM market guide and Frost & Sullivan review of Password Safe comes a new analyst review of our BeyondInsight and PowerBroker platforms, a SWOT assessment of BeyondTrust written by Ovum. Ovum’s honest and thorough review of BeyondTrust indicates that we are delivering, “…an integrated, one-stop approach to PAM….

Tags:
, , ,

Patented Windows privilege management brings you unmatched benefits

Posted November 24, 2014    Scott Lang

We are pleased to announce that BeyondTrust has been granted a new U.S. Patent (No. 8,850,549) for privilege management, validating our approach to helping our customers achieve least privilege in Windows environments. The methods and systems that we employ for controlling access to resources and privileges per process are unique to BeyondTrust PowerBroker for Windows….

Tags:
6

A Quick Look at MS14-068

Posted November 20, 2014    BeyondTrust Research Team

Microsoft recently released an out of band patch for Kerberos.  Taking a look at the Microsoft security bulletin, it seems like there is some kind of issue with Kerberos signatures related to tickets. Further information is available in the Microsoft SRD Blogpost So it looks like there is an issue with PAC signatures.  But what…

Tags:
, , , ,