BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Reporting Snapshots and Saved Views

Post by Morey Haber June 7, 2011

I would like to tell you about a new feature recently added to Retina Insight. It may sound so simple but it solves a huge problem for businesses that like to perform ad-hoc reports.  If your one of those companies that likes to run reports ad-hoc, when you want, and review it compared to older reports saved electronically the same way, read on.

So here is the problem. Often users run ad-hoc reports on a data set that is constantly changing due to new events and identified vulnerabilities. When they run the report one day, the output may have a given number of vulnerabilities and running it the next day, a new and different tally. Users can traditionally fix this by specifically choosing the scan job to generate the report and save the results. This does not however allow reports to be generated with relative dates (last 30 days for PCI) since this is a moving relative date range. Reports will inherently change day after day as they are executed and ad-hoc reports become relative to the date they where executed. So how do you run a report with a relative period and save them in context with only the data available for that date? This is where the new feature comes in – Saved Views and Save Snapshots. First, let me define each of them:

Saved Views – When setting up a report, a user can selected various criteria including the chart type, relative date range, and devices in scope (Smart Groups) to include in the report. Once they have made all the selections, just the way they like them, a Save button is available to store the reporting filters exactly the way they like them for future reports. This is a Saved View.

Saved Snapshots – After a report is generated, a Saved Snapshot stores the data permanently “as is” into the database. The report is now electronically stored in its original format (not downloaded as a PDF) for retrieval and interaction using data specifically generated from the relative dates and scans selected with full drill down capabilities. Essentially, it is a snapshot of the report stored in the database from the date and time it was run and never changes based on any new or purged data for its rendering.

So why is this so important for ad-hoc report users?  First, when generating a report, you can setup it up to run every time the way you like it. Second, once you generate it, the report can be can stored electronically in its native format for future viewing or even exporting later into a different format. After you store several Saved Snapshots, you will a have running library to reference old reports and a guide to where you have been, and where you are potentially going. Having them all stored online, or even published to MS SharePoint using the “Subscribe” button provides the historical transparency  you need to meet many regulatory initiatives and best practices for data security. It answers that question, “didn’t we see that before?” or even “do you have that old report?”

For more information on Retina Insight, please click here. This new feature can save you endless hours thumbing through old reports (PDFs) and track historical data from the date it was generated. Any clients that need to be able to provide historical reporting on the fly, especially from ad-hoc reports, will benefit from these new features.

Additional articles

BI-Qualys-Connector-IMG1

Getting More Value from QualysGuard Vulnerability Data with BeyondInsight v5.1

If your vulnerability assessment scans can’t produce meaningful and actionable reports, performing a scan does no good for anyone. If you’ve read my other blog posts, you know I have no qualms about stating that BeyondTrust provides the best vulnerability reporting in the industry. Ask your favorite analyst and they’ll tend to agree. Of course,…

Post by Morey Haber April 18, 2014
Tags:
, , , , , , , ,
insider-threat-fed

Mitigating Inside Threats to U.S. Federal IT Environments

Recent high-profile cases have increased the perceived risks that go along with disclosure and usage of confidential information. One of the most difficult security threats to mitigate is an attack from the inside. When an over-privileged user, such as an unhappy current or former employee, contractor, or consultant, begins navigating your network, how will you…

Post by BeyondTrust Software April 17, 2014
Tags:
, , , , ,

Are you a Target? Investigating Security Breaches with Kevin Johnson

Last week, over 1,000 IT security professionals watched as Kevin Johnson, CEO of Secure Ideas, presented his expert opinion on lessons learned from recent, high-profile retail breaches. Here’s a summary of key takeaways from the webcast plus an on-demand recording of the full, 60-minute presentation. Understanding the “why” behind attacks According to Kevin, the primary…

Post by Chris Burd April 17, 2014
Tags:
, , , , ,