BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Reporting Snapshots and Saved Views

Posted June 7, 2011    Morey Haber

I would like to tell you about a new feature recently added to Retina Insight. It may sound so simple but it solves a huge problem for businesses that like to perform ad-hoc reports.  If your one of those companies that likes to run reports ad-hoc, when you want, and review it compared to older reports saved electronically the same way, read on.

So here is the problem. Often users run ad-hoc reports on a data set that is constantly changing due to new events and identified vulnerabilities. When they run the report one day, the output may have a given number of vulnerabilities and running it the next day, a new and different tally. Users can traditionally fix this by specifically choosing the scan job to generate the report and save the results. This does not however allow reports to be generated with relative dates (last 30 days for PCI) since this is a moving relative date range. Reports will inherently change day after day as they are executed and ad-hoc reports become relative to the date they where executed. So how do you run a report with a relative period and save them in context with only the data available for that date? This is where the new feature comes in – Saved Views and Save Snapshots. First, let me define each of them:

Saved Views – When setting up a report, a user can selected various criteria including the chart type, relative date range, and devices in scope (Smart Groups) to include in the report. Once they have made all the selections, just the way they like them, a Save button is available to store the reporting filters exactly the way they like them for future reports. This is a Saved View.

Saved Snapshots – After a report is generated, a Saved Snapshot stores the data permanently “as is” into the database. The report is now electronically stored in its original format (not downloaded as a PDF) for retrieval and interaction using data specifically generated from the relative dates and scans selected with full drill down capabilities. Essentially, it is a snapshot of the report stored in the database from the date and time it was run and never changes based on any new or purged data for its rendering.

So why is this so important for ad-hoc report users?  First, when generating a report, you can setup it up to run every time the way you like it. Second, once you generate it, the report can be can stored electronically in its native format for future viewing or even exporting later into a different format. After you store several Saved Snapshots, you will a have running library to reference old reports and a guide to where you have been, and where you are potentially going. Having them all stored online, or even published to MS SharePoint using the “Subscribe” button provides the historical transparency  you need to meet many regulatory initiatives and best practices for data security. It answers that question, “didn’t we see that before?” or even “do you have that old report?”

For more information on Retina Insight, please click here. This new feature can save you endless hours thumbing through old reports (PDFs) and track historical data from the date it was generated. Any clients that need to be able to provide historical reporting on the fly, especially from ad-hoc reports, will benefit from these new features.

Additional articles

PowerBroker for Unix & Linux helps prevent Shellshock

Posted September 25, 2014    Paul Harper

Like many other people who tinker with UNIX and Linux on a regular basis, BASH has always been my shell of choice.  Dating back to the early days moving from Windows to a non-Windows platform, mapping the keys correctly to allow easy navigation and control helped ensure an explosion of use for the shell. Unfortunately,…

Bash “Shellshock” Vulnerability – Retina Updates

Posted September 24, 2014    BeyondTrust Research Team

A major vulnerability was recently discovered within bash which allows arbitrary command execution via specially crafted environment variables. This is possible due to the fact that bash supports the assignment of shell functions to shell variables. When bash parses environment shell functions, it continues parsing even after the closing brace of the function definition. If…

pbps-blog3

7 Reasons Customers Switch to Password Safe for Privileged Password Management

Posted September 24, 2014    Chris Burd

It’s clear that privileged password management tools are essential for keeping mission-critical data, servers and assets safe and secure. However, as I discussed in my previous post, there are several pitfalls to look out for when deploying a privileged password management solution. At this point, you may be wondering how BeyondTrust stacks up. With that,…

Tags:
, , , , ,