BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘PCI’

PCI-Approved-Scanning Vendor

Vulnerability Scanning for PCI DSS Compliance with BeyondTrust Retina

Posted May 19, 2014    Morey Haber

I’m pleased to announce that BeyondTrust’s Retina Enterprise Vulnerability Management has successfully completed PCI Scanning Vendor Compliance Testing. This means that Retina meets all PCI Security Standards Council requirements to perform PCI data security scanning. This also marks the fifth year that BeyondTrust is an Approved Scanning Vendor (ASV). Where Vulnerability Scanning Comes into Play…

Tags:
, , , , , , ,
BI Analytics Reporting

The Best Vulnerability Management Reporting and Analytics

Posted March 13, 2014    Morey Haber

The number one reason why our customers choose BeyondTrust for enterprise vulnerability management is simple: The BeyondInsight Reporting and Analytics capabilities included with Retina CS Enterprise Vulnerability Management exceed the capabilities of every single competitor combined. Retina CS with BeyondInsight is the only vulnerability management solution that ships with an integrated, structured big data warehouse…

Tags:
, , , , , ,
gold-star

Getting a gold star in compliance

Posted July 9, 2013    Mike Yaffe

You know I realize that I’m getting older after I lived through “this is gonna be the big year for PKI (heard that for 4 straight years, and I’m still waiting)”, or “everyone will have a digital certificate on all their credit cards next year”, or “security and compliance are two different things.” As for…

Tags:
, , , , , , ,
zero-gap1

On False Senses of Security

Posted November 16, 2011    Mike Puterbaugh

Customer conversations are the best part of my job. I really enjoy talking with users and buyers of security technology, especially in today’s hyperactive threat and attack climate. Most often these conversations are with customers proactively planning updates to their security strategy, or with prospects that have matured to a level where their tools need to be upgraded to enterprise solutions. However, there is small percentage of organizations we speak with who have come to eEye as a result of breach or a failed audit. One of *those* conversations was the impetus for this post.

Tags:

Data Governance – Why and How?

Posted July 30, 2011    Morgan Holm

In my first blog post I talked about proving and maintaining compliance for data governance rules defined for file system resources in the enterprise. This post will continue the discussion of data governance, reviewing some of the reasons organizations are implementing these policies and processes as well as the main challenges associated defining the rules…

Tags:
, , , , , , ,
Team

Vulnerability Management in a Data Warehouse

Posted November 16, 2010    Morey Haber

Have you ever been asked, “How long has that vulnerability been in our systems?” Have you ever wondered if your patch management process is keeping up with the number of new vulnerabilities being identified? Keep reading…

Tags:
, , , , , , ,

Too Many Regulatory Standards, Only One Tool Please

Posted November 12, 2010    Morey Haber

About every two years, I indulge myself with a new laptop. This time, I waited almost three years and will be retiring my old Dell XPS M1330 for a new Alienware M15x. I wanted raw horsepower for virtual machines in a laptop format and was not as concerned about battery life (since I carry an…

Tags:
, , , , , , , , , , , , , , , , ,

PCI DSS 2.0

Posted September 16, 2010    Brad Hibbert

Yes its PCI time again. PCI DSS 2.0 has just completed final review and is expected to come out next month. As indicated in the summary of changes document , there are no major changes expected. Refinements to better align standards, provide clarifications, increase merchant flexibility, and additional guidance on specific technologies including virtualization and…

Tags:
, , , ,

Configuration Compliance and Regulatory Reporting

Posted September 9, 2010    Brad Hibbert

In recent years there have been an increasing number of legislated regulatory mandates with which organizations must comply with to prove the confidentiality, integrity and availability of information stored in their systems and provided through external parties. After reading various whitepapers, websites and other articles that loosely use the terms “PCI, HIPAA, SOX, CIS, NIST,…

Tags:
, , , , , , , , , , , ,

The Importance of Web Application Scanning

Posted August 23, 2010    Morey Haber

The art of hacking a computer, operating system, and application has evolved over time. What was once seen as relatively simple hacks have been suppressed due to various intrusion prevention mechanisms developed by network security companies. Breaching a company’s perimeter to gain direct unauthorized access to an organization’s network is not as simple as it…

Tags:
, , ,