BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Sneak Peek: Free Mobility Scanning from eEye

Posted September 21, 2011    Brad Hibbert

With mobile devices and smart phones representing 40% of all mobile phones in the US, consumerization continues to blur the corporate boundary as employees expect and require consistent access to corporate services from wherever they are, on any device they’re using—desktops, laptops, tablets and smart phones. 

One of eEye’s major strengths from a vulnerability perspective is our focus on 100% discovery of all vulnerabilities provided via our remote and optional local scanning agents that cover windows, non-windows, networking devices, databases, applications, and web applications across physical and virtualized environments. So, it is only natural that eEye be the first vendor to offer robust vulnerability scanning for mobile devices as well.

Similar to our standard vulnerability management approach, which offers remote and local scanning options for maximum flexibility and visibility, we’re currently working on both agentless and agent-based scanning support for mobile devices. Most customers that we’ve been working with have a significant investment in Blackberry. So, the first release – which is only a couple of weeks away – will focus on Blackberry devices. Next, we’ll provide vulnerability assessment for Android and iOS (in the queue for later this year).

The Blackberry BES Connector will be included with our Retina CS management console at no additional cost and will be provided free with a community version of the CS console – also shipping at the end of the month. Retina CS will support multiple BES Connectors that will connect to the BES admin service and pull back lots of data including hardware, apps, and configuration. The connectors can use both supported credential methods (AD or BAS). The default port that a BAS server listens on is 443, but it can be changed as needed. Both the BAS configuration and the CS Connector will allow you to specify a port.

Retina CS Connector Details

We will have an extensive list of built-in audits, but will also provide a lot of flexibility through custom device and application audits. Below is a simple example of custom audits that can be created to look for specific applications/versions being installed on devices.

Custom Device Audit

If you are familiar with Retina CS you will see that the configuration of the scanning, prioritization, and reporting on mobile devices is exactly the same for other asset types. As I mentioned the Blackberry support will be available to customers and to our community (a free license up to 128 assets!) in a couple of weeks.

I Need your Input

I look forward to gathering feedback through direct correspondence and through our community forums as we continue to enhance this offering to include Android and iOS later this year. As a first step, I’d like to get your feedback on mobile devices within your organization. Click here to answer a very short survey.

Leave a Reply

Additional articles

Are Your Data Security Efforts Focused in the Right Area?

Posted January 28, 2015    Scott Lang

Vormetric Data Security recently released an insider threat report, with research conducted by HarrisPoll and analyzed by Ovum. Based on the survey responses, it is apparent that there is still a great deal of insecurity over data. However, the results also show that there may be misplaced investments to address those insecurities. I will explain…

Tags:
ghost

GHOST Vulnerability…Scary Indeed

Posted January 28, 2015    BeyondTrust Research Team

A vulnerability discovered by Qualys security researchers has surfaced within the GNU C Library that affects virtually all Linux operating systems. The vulnerability lies within the various gethostbyname*() functions and, as such, has been dubbed “GHOST.” GHOST is particularly nasty considering remote, arbitrary code execution can be achieved. In an effort to avoid taxing DNS lookups, glibc developers introduced…

Tags:
,
dave-shackleford-headshot

Your New Years Resolution: Controlling Privileged Users

Posted January 27, 2015    Dave Shackleford

Is 2015 the year you get a better handle on security? The news last year was grim – so much so, in fact, that many in the information security community despaired a bit. Really, the end-of-the-year infosec cocktail parties were a bit glum. OK, let’s be honest, infosec cocktail parties are usually not that wild…

Tags:
, , ,