BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Statistics, Claims, Marketing and Leadership in IT Risk Management

Posted June 12, 2014    Morey Haber

Good marketing plans and effective technology can place unmovable stakes in the ground in terms of statistics and claims. You see these every day in the form of ROI calculations, customer results, performance figures … the list goes on. The intention, to put it bluntly, is to point out differentiators that help customers select one vendor’s solution over those of competitors.

You might find it odd that I’m talking about this on a blog, but understanding how and why a company chooses to market a solution is just as important as the claims they make. For example, an automobile manufacturer may make claims around safety or awards but not reference whether any of their competitors are as safe or received the same awards. They want you to only think of their brand, their strategy, and what they can do for you. You end up thinking the car is safe.

Software solutions are not much different. BeyondTrust has an integrated suite of solutions that share and report on common data through the centralized BeyondInsight management interface. BeyondInsight essentially links data to reveal the risks and threats within an organization. This data comes from our best-of-breed PowerBroker Privileged Account Management (PAM) and Retina Vulnerability Management (VM) solutions. PowerBroker and Retina solutions can be used separately or integrated together – it’s totally up to each customer. Now for our claims:

  • Multiple patents pending on many best-of-breed BeyondTrust solutions
  • Discovery detection for over 2,500 different operating systems and devices
  • Vulnerability scanning of a Class C network with authentication in under 25 minutes
  • Over 260 reports shipped out-of-the-box and a true ad-hoc report creator
  • The only solution to have Vulnerability-Based Application Management for application control
  • The only solution to have patent pending integrated technology for privilege management, privileged password management, and vulnerability management in the same console
  • Industry-unique cloud, mobile and data import connectors for complete zero-gap coverage
  • The only technology to ship with a structured big data warehouse for statistical analysis of all datasets

Of course, there are plenty more differentiators that we bring to the table. While other technologies have stayed completely vertical, BeyondTrust has taken the lead in recognizing that dissimilar datasets, when probably merged together, can provide an eye-opening experience for security and operations teams alike. If you look at other successful software companies, they dared to move out of their single products and expand into technologies that made relevant sense: Microsoft with operating systems and office applications; Apple with computers, music players, smartphones and tablets; BeyondTrust with risk management solutions that address internal, user-based risks as well as external threats to IT assets. Bold, I know.

But it just makes sense. You need to understand how users are interacting with systems, what permissions they have, and what security risks are present on those systems. Operations and security teams have to work hand-in-hand to solve a common problem. Not too many technologies bring different teams within an organization together and allow them to share the same data for solving a problem. Consider all of these users:

users-graphic-0614

Each one can get data and analysis in the formats they need, such as executive reports, SLA reports, and even heat maps. If you sit different users around the table, the reports they view all have the same data – but that data is properly pivoted to their individual roles. Auditors get a regulatory perspective, operations gets a patch report, and security teams a risk report – all based on the same data. No other vendor does this. This takes the concept of Context-Aware Security Intelligence to the next level and helps tie technology (with all the claims) to strategy.

At BeyondTrust, we back our claims with proven, best-of-breed solutions that are powerful in their own rights – and can combine to provide a new level of visibility into risk throughout your organization. Whether you need to implement Least Privilege, increase the security of user accounts, eliminate vulnerabilities, or all of the above, we can help.

> Learn more about our Privileged Account Management and Vulnerability Management solutions
> Read the white paper: “Fusing Vulnerability Data and Actionable User Intelligence”

Tags:
, , , , , ,

Leave a Reply

Additional articles

Are Your Data Security Efforts Focused in the Right Area?

Posted January 28, 2015    Scott Lang

Vormetric Data Security recently released an insider threat report, with research conducted by HarrisPoll and analyzed by Ovum. Based on the survey responses, it is apparent that there is still a great deal of insecurity over data. However, the results also show that there may be misplaced investments to address those insecurities. I will explain…

Tags:
ghost

GHOST Vulnerability…Scary Indeed

Posted January 28, 2015    BeyondTrust Research Team

A vulnerability discovered by Qualys security researchers has surfaced within the GNU C Library that affects virtually all Linux operating systems. The vulnerability lies within the various gethostbyname*() functions and, as such, has been dubbed “GHOST.” GHOST is particularly nasty considering remote, arbitrary code execution can be achieved. In an effort to avoid taxing DNS lookups, glibc developers introduced…

Tags:
,
dave-shackleford-headshot

Your New Years Resolution: Controlling Privileged Users

Posted January 27, 2015    Dave Shackleford

Is 2015 the year you get a better handle on security? The news last year was grim – so much so, in fact, that many in the information security community despaired a bit. Really, the end-of-the-year infosec cocktail parties were a bit glum. OK, let’s be honest, infosec cocktail parties are usually not that wild…

Tags:
, , ,