BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Scalability When You Need It

Posted September 25, 2013    Morey Haber

I think we have all been there before. We pilot a solution, run the gambit of tests in the lab, and when it comes to production, the scalability falls flat on its face. It does not matter if the solution was architected correctly for the environment with multiple nodes, high performance database, and tons of CPU and RAM to spare, it just does not work. This is when we realize the vendor failed to create the technology with the scalability needed to address the challenges often encountered in enterprise deployments. The outcome is that we end up living with a scaled back implementation, or worse, waste time and money before picking another vendor. This is a challenge BeyondTrust is acutely aware of. Why? Because many of our clients have been there with a different vulnerability management solution and discovered that Retina was designed from the ground up to be scalable, portable, and architecturally flexible to meet the heavy demands of a true enterprise environment. For example, take the screen shot below:

Retina Screen Shot

This is from one of our test lab environments used for client demos. It is sanitized client data that has been scaled for testing. The supporting database contains over 100,000 assets and is fully functional for searching, filtering, reporting, and role-based access. It is used to demonstrate that with a single pane of glass, an organization can truly realize that they can perform vulnerability management for every asset in their organization, not just servers or PCI environments.

Retina Screen Shot

Consider the following report that literally takes a few seconds to generate using our embedded data warehouse (Retina Insight) that ships with the solution. It helps take that list of 100,000 devices and prioritize which devices should be remediated first, in lieu of a phone book of potentially a few million pages for every asset and vulnerability. Believe it or not, some our leading competitors still can only generate the long laundry list vulnerability report and do nothing to help the enterprise prioritize remediation activities.

We have all been there before. We have all had tools that work great on our desktops, in labs, but can not handle what truly awaits in the enterprise. With over 260 reports available out of the box, a true ad-hoc report engine that can build customized reports based on all the data collected, and a scalable platform that can handle hundreds of thousands of assets, why have you not looked at Retina yet? Get more info.

Tags:
, , ,

Leave a Reply

Additional articles

A Quick Look at MS14-068

Posted November 20, 2014    Research Team

Microsoft recently released an out of band patch for Kerberos.  Taking a look at the Microsoft security bulletin, it seems like there is some kind of issue with Kerberos signatures related to tickets. Further information is available in the Microsoft SRD Blogpost So it looks like there is an issue with PAC signatures.  But what…

Tags:
, , ,
Password Game Show

Managing Shared Accounts for Privileged Users: 5 Best Practices for Achieving Control and Accountability

Posted November 20, 2014    Scott Lang

How do organizations ensure accountability of shared privileged accounts to meet compliance and security requirements without impacting administrator productivity? Consider these five best practices…

Tags:
, , , , , ,
Triggering MS14-066

Triggering MS14-066

Posted November 17, 2014    Research Team

Microsoft addressed CVE-2014-6321 this Patch Tuesday, which has been hyped as the next Heartbleed.  This vulnerability (actually at least 2 vulnerabilities) promises remote code execution in applications that use the SChannel Security Service Provider, such as Microsoft Internet Information Services (IIS). The details have been scarce.  Lets fix that. Looking at the bindiff of schannel.dll, we see a…

Tags:
, , , , ,