BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Retina Performs Continuous Vulnerability Assessment

Post by Morey Haber January 28, 2014

SANS Critical Control 4 specifies criteria for continuous vulnerability assessment and remediation. This specification calls for vulnerabilities to be continuously assessed, correlated, and reported upon in real-time based on public disclosure and identification of new or changed assets.

Critical Control 4 is mandated by many government agencies, and requires prompt automated remediation that adheres to change control guidelines and best practices. Its goal is to make vulnerability identification and correction an integral part of standard business practices (similar to the specifications in PCI DSS 3.0), rather than a batch process that only reviews risks at intervals (generally once per month or quarter) – thereby creating gaps where threats could compromise assets and applications.

The Retina family of vulnerability management solutions simplifies adherence to Critical Control 4 and the concept of continuous vulnerability assessment via three deployment options and two modules.

First, lets explorer the two modules:

Retina CS Enterprise Vulnerability Management
Retina CS is the only vulnerability management solution designed from the ground up to provide IT security professionals with context-aware vulnerability assessment and risk analysis. Retina’s results-oriented architecture works with users to proactively identify security exposures, analyze business impact, and plan and conduct remediation across network, web, mobile, cloud and virtual infrastructure. By centralizing the data and providing real-time alerting, Retina forms the foundation for BeyondTrust’s continuous monitoring solution for vulnerability management.

Retina CS Patch Management
Seamlessly integrated with Retina CS, BeyondTrust’s Patch Management Module closes the loop on vulnerabilities by providing seamless patching for Microsoft and third-party applications. The technology is fully integrated, automated, and agent-less, and improves the efficiency and effectiveness of patch processes by correlating identified vulnerabilities with the appropriate remediation and allowing the process to be performed continuously as new risks are identified.

Based on these two modules, Retina can perform continuous vulnerability assessment using any, or all, of these three techniques:

The Retina Protection Agent
The Retina Protection Agent closes the security gap created by systems that can’t be reached with remote vulnerability assessments alone by providing a lightweight agent for local vulnerability assessment, continuous zero-day vulnerability monitoring, and optional intrusion prevention. This agent allows for the scheduling of vulnerability assessments to be conducted daily or triggered continuously by external solutions to provide an up to date view of the risks and vulnerabilities present on any Windows assets in accordance with SANS Critical Control 4.

Continuous Authenticated Vulnerability Assessment
Retina contains an industry-unique job scheduling engine that can perform vulnerability assessments multiple times per day and allow for change control windows, auto pause and restart, and automated job aborts when vulnerability data can not be obtained in a timely fashion. These unique capabilities allow for Retina to perform continuous network scan functions in line with the SANS Critical Security Controls and the stringent requirements set forth by many government agencies.

Third-Party Integration
Retina boosts over 30 integrations into SEIMs, call centers, and NAC solutions. With these extensive capabilities, the required escalation of data and on demand scanning required to meet continuous scanning requirements is achievable with the technology out of the box. For example, vulnerability correlation can easily be achieved with LogRhythm or IBM QRadar, and on-demand scanning based on network connectivity with seamless integration into ForeScout NAC.

BeyondTrust has made the process of meeting continuous vulnerability assessment and remediation simple and easy to implement based on requirements of the SANS Critical Security Controls. The technology can scale from the smallest environment to the largest enterprise. With a dedicated management console for reporting on assessments and changes in an environment, Retina can meet these requirements with agent and agent-less technology based on a simple asset-based license model. We look forward to showing you how Retina will change the way you manage risks and meet complex requirements like continuous monitoring.

Tags:
, , , ,

Leave a Reply

Additional articles

insider-threat-fed

Mitigating Inside Threats to U.S. Federal IT Environments

Recent high-profile cases have increased the perceived risks that go along with disclosure and usage of confidential information. One of the most difficult security threats to mitigate is an attack from the inside. When an over-privileged user, such as an unhappy current or former employee, contractor, or consultant, begins navigating your network, how will you…

Post by BeyondTrust Software April 17, 2014
Tags:
, , , , ,

Are you a Target? Investigating Security Breaches with Kevin Johnson

Last week, over 1,000 IT security professionals watched as Kevin Johnson, CEO of Secure Ideas, presented his expert opinion on lessons learned from recent, high-profile retail breaches. Here’s a summary of key takeaways from the webcast plus an on-demand recording of the full, 60-minute presentation. Understanding the “why” behind attacks According to Kevin, the primary…

Post by Chris Burd April 17, 2014
Tags:
, , , , ,

Vulnerability Expert Forum Highlights: April 2014

We had a great turnout for last week’s April 2014 Vulnerability Expert Forum (VEF) webcast. BeyondTrust Research experts, Carter and DJ, provided in-depth knowledge about the latest vulnerabilities and their potential impacts on network environments. Below are highlights from the Forum, plus an on-demand video of the presentation. Latest critical vulnerabilities, vendor patches, and zero-day…

Post by Chris Burd April 16, 2014
Tags:
, , , , ,