BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Sneak Peek: Free Mobility Scanning from eEye

Posted September 21, 2011    Brad Hibbert

With mobile devices and smart phones representing 40% of all mobile phones in the US, consumerization continues to blur the corporate boundary as employees expect and require consistent access to corporate services from wherever they are, on any device they’re using—desktops, laptops, tablets and smart phones. 

One of eEye’s major strengths from a vulnerability perspective is our focus on 100% discovery of all vulnerabilities provided via our remote and optional local scanning agents that cover windows, non-windows, networking devices, databases, applications, and web applications across physical and virtualized environments. So, it is only natural that eEye be the first vendor to offer robust vulnerability scanning for mobile devices as well.

Similar to our standard vulnerability management approach, which offers remote and local scanning options for maximum flexibility and visibility, we’re currently working on both agentless and agent-based scanning support for mobile devices. Most customers that we’ve been working with have a significant investment in Blackberry. So, the first release – which is only a couple of weeks away – will focus on Blackberry devices. Next, we’ll provide vulnerability assessment for Android and iOS (in the queue for later this year).

The Blackberry BES Connector will be included with our Retina CS management console at no additional cost and will be provided free with a community version of the CS console – also shipping at the end of the month. Retina CS will support multiple BES Connectors that will connect to the BES admin service and pull back lots of data including hardware, apps, and configuration. The connectors can use both supported credential methods (AD or BAS). The default port that a BAS server listens on is 443, but it can be changed as needed. Both the BAS configuration and the CS Connector will allow you to specify a port.

Retina CS Connector Details

We will have an extensive list of built-in audits, but will also provide a lot of flexibility through custom device and application audits. Below is a simple example of custom audits that can be created to look for specific applications/versions being installed on devices.

Custom Device Audit

If you are familiar with Retina CS you will see that the configuration of the scanning, prioritization, and reporting on mobile devices is exactly the same for other asset types. As I mentioned the Blackberry support will be available to customers and to our community (a free license up to 128 assets!) in a couple of weeks.

I Need your Input

I look forward to gathering feedback through direct correspondence and through our community forums as we continue to enhance this offering to include Android and iOS later this year. As a first step, I’d like to get your feedback on mobile devices within your organization. Click here to answer a very short survey.

Leave a Reply

Additional articles

VMware Hardening Guidelines-img3

How to Audit VMware ESX and ESXi Servers Against the VMware Hardening Guidelines with Retina CS

Posted February 27, 2015    BeyondTrust Research Team

Retina CS Enterprise Vulnerability Management has included advanced VMware auditing capabilities for some time, including virtual machine discovery and scanning through a cloud connection, plus the ability to scan ESX and ESXi hosts using SSH. However, in response to recent security concerns associated with SSH, VMware has disabled SSH by default in its more recent…

Tags:
, , , ,
dave-shackleford-headshot

Privileged Passwords: The Bane of Security Professionals Everywhere

Posted February 19, 2015    Dave Shackleford

Passwords have been with us since ancient times. Known as “watchwords”, ancient Roman military guards would pass a wooden tablet with a daily secret word engraved from one shift to the next, with each guard position marking the tablet to indicate it had been received. The military has been using passwords, counter-passwords, and even sound…

Tags:
, , ,
Privileged Account Management Process

In Vulnerability Management, Process is King

Posted February 18, 2015    Morey Haber

You have a vulnerability scanner, but where’s your process? Most organizations are rightly concerned about possible vulnerabilities in their systems, applications, networked devices, and other digital assets and infrastructure components. Identifying vulnerabilities is indeed important, and most security professionals have some kind of scanning solution in place. But what is most essential to understand is…

Tags:
, , , , ,