BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Retina CS 4.5 – Calendars and Vulnerability Smart Rules

Posted May 21, 2013    Morey Haber

One of the many challenges facing Product Management today is addressing client feature requests. Often times, the request for a specific business problem does not translate to other customers or markets. Other times, the request is so complicated to explain, it takes multiple discussions to figure out the root problem and to figure out if the technology can be adapted to even solve the problem. Once in a while, these two challenges overlap with multiple clients and you can state, “ I can do that!” For the release of Retina CS 4.5, this overlap felt like hitting the lottery and we were able to address a few complex issues that target multiple lines of business.

I would like to share a few with you that will be released very soon.

Audit Groups

First, is the relatively simple concept of audit groups (some of you may refer to them as plug-ins). These are static groups that are manually built by the end user or are automatically updated using a service to include new audits or depreciate obsolete checks. Most clients use groups like “All Audits” to perform their scans or targeted groups based on Report Templates. The problem my clients have been trying to solve is how to automatically build these groups based on business logic. This concept is a challenge for every vulnerability assessment tool on the market; not just for Retina, and no one has found a good solution to recover the wasted time required to do this.  For example, if the Desktop Team wants to target Adobe and Java vulnerabilities every month, they need to create a new audit group (manually in every tool on the market today) that contains just these checks. Next month, they need to update the group with a new set of queries to include any changes and re-save the audit group. Basically, they run a search, select the changes and save out the difference. If they don’t, they will not be including any new updates and may not remove any depreciated checks. This type of targeting extends into every facet of a business. Users that want to check for Zero-Day, Denial of Service, or even CVE vulnerabilities by year would need to manually build and rebuild the group to include changes. Retina CS 4.5 has addressed this problem with Vulnerability Smart Rules.

Vulnerability Smart Rules

Vulnerability Smart Rules allow users to build groups based on any criteria found in a vulnerability audit. This logic can then be used to dynamically build asset groups, asset filters, and even dynamic audit groups and keep them up to date with no user intervention – at all. For example, if I wanted to build an Audit Group that dynamically updated to include only critical vulnerabilities for a specific vendor, it can. The engine will automatically process any audit updates to the database and rebuild the audit group when needed to include only these checks. These can be used for scheduled scans (with no user intervention) or to filter existing data on the fly for viewing and reports. Below is an example of this new powerful dynamic audit group capability:

smart-rules

Consider the possibilities and complexity that can now be automated to look for specific application checks or even database vulnerabilities without manually tweaking your targeting parameters for every scan.

Calendars

The second feature sounds silly to be discussing but natural to everyone that uses and lives within a calendar for daily conference calls, meetings, and tasks. Traditional vulnerability assessment solutions list scheduled scan jobs and reports in a grid. This is basic job scheduling that includes a sort-able list of what the job name is, when it is scheduled, and other criteria. The problem arises in the enterprise when they have to figure out what to do with hundreds of scan engines, dozens of reports, and a list that covers multiple pages. It is a burden to work with standard filter controls and search dialogue boxes. Furthermore, color coded icons make it difficult to see what runs when and overall their status. To handle more complex jobs clients have been requesting additional metrics and tabs. It took a moment of clarity to reinvent this process the way we do business today and what we came up with is a calendar for scheduling. In Retina CS 4.5, BeyondTrust proudly introduces a brand new calendar view for scheduled scan jobs and reports. This context shows a month at a time, all the jobs scheduled and all the reports completed for each assessment.  This is a simple and effective method to handle an age old problem, how to manage your tasks day by day.

Below is an example of this new perspective:

retina-cs-calendar

As a Product Manager, translating a client’s needs to technology requires some creativity, talented programmers, and a little luck. Figuring out common problems, sorting through endless feature enhancement requests, and getting lucky with a solution that solves multiple problems just makes the technology better for everyone. Retina CS 4.5 has dozens of new features like these that help put context around your users and assets, and measures their risk to the organization. Stayed tuned, there is more to come on Retina CS 4.5.

Tags:
, , , ,

Additional articles

red-thumbprint

Why big data breaches won’t always be so easy

Posted September 19, 2014    Byron Acohido

This blog post is republished with the permission of ThirdCertainty. See the original post here. – By: Byron Acohido, Editor-In-Chief, ThirdCertainty Some day, perhaps fairly soon, it will be much more difficult for data thieves to pull off capers like the headline-grabbing hacks of Home Depot and Target. That’s not a pipe dream. It’s the projected outcome…

Tags:
, , , , ,
pbps-blog2

8 Reasons Your Privileged Password Management Solution Will Fail

Posted September 18, 2014    Chris Burd

Leveraging complex, frequently updated passwords is a basic security best practice for protecting privileged accounts in your organization. But if passwords are such a no-brainer, why do two out of three data breaches tie back to poor password management? The fact is that not all privileged password management strategies are created equal, so it’s critical…

Tags:
, , , , , ,
pbps-customer-campaign-image

You Change Your Oil Regularly; Why Not Your Passwords?

Posted September 11, 2014    Chris Burd

There are many things in life that get changed regularly:  your car oil, toothbrush and hopefully, your bed sheets.  It’s rare that you give these things much thought – even when you forget to change them. But what if you’re forgetting something that can cost you millions of dollars if left unchanged for long periods…

Tags:
, , ,