BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The Retina Protection Agent

Posted September 2, 2010    Morey Haber

Traditional anti-virus solutions that rely on blacklisting malware are insufficient to protect today’s systems from the plethora of threats. Security vendors have evolved endpoint protection solutions to include firewalls, host-based intrusion prevention solutions, and even proactive application protection capabilities in order to defend against the evolving threat landscape. Unfortunately, many businesses still rely on anti-virus technology alone, and have implemented very few, if any, of the new endpoint protection solutions to combat modern threats.

In addition, zero-day vulnerabilities, misconfigurations, and third-party application vulnerabilities generally elude the IT administrator and become another vector for a successful exploit.  Gathering endpoint vulnerability data assists in determining these attack vectors and also serves a dual role for the security team in complying with regulatory initiatives. The general problem seems enormous for organizations to solve and a myriad of technologies must be implemented, paid for, and managed to defend against these dark arts…until now.

eEye Digital Security  is proud to offer a new form of agent-based vulnerability assessment: the Retina Protection Agent.  This solution can gather and report on all of the security vulnerabilities, zero-day vulnerabilities, and misconfigurations on a host, and provide advanced protection capabilities that co-exist with your existing anti-virus vendor. This unique layered approach allows you to augment your current anti-virus investment with a tool that can protect against the evolving threat landscape and provide critical vulnerability information for patch management processes and regulatory compliance initiatives. These features include:

  • Host-Based Intrusion Prevention including Zero–Day Vulnerability Prevention
  • System Protection
  • Application Control
  • Registry Protection
  • Removable Storage Protection
  • Local Vulnerability Assessment Agent

For clients that want to completely replace their existing antivirus solution, eEye Digital Security offers Blink Endpoint Protection Platform. This solution offers all the capabilities of the Retina Protection Agent while also giving you:

  • System and Application Based Firewalls
  • Virus and Spyware Protection
  • Web Application Firewall (optional add-on)

It is no longer a consideration of how to protect your assets, but rather when will they be compromised due to inferior and outdated protection and vulnerability management solutions. eEye offers modern solutions to combat these evolving threats and is the only solution available today with a complete endpoint protection and vulnerability management solution deliverable as a single agent with a rich internet enabled management application called Retina CS.

I encourage you to take a look at what modern Unified Vulnerability Management looks like today from eEye.

Tags:
, , , , , , , , , , ,

Leave a Reply

Additional articles

6

A Quick Look at MS14-068

Posted November 20, 2014    BeyondTrust Research Team

Microsoft recently released an out of band patch for Kerberos.  Taking a look at the Microsoft security bulletin, it seems like there is some kind of issue with Kerberos signatures related to tickets. Further information is available in the Microsoft SRD Blogpost So it looks like there is an issue with PAC signatures.  But what…

Tags:
, , , ,
Password Game Show

Managing Shared Accounts for Privileged Users: 5 Best Practices for Achieving Control and Accountability

Posted November 20, 2014    Scott Lang

How do organizations ensure accountability of shared privileged accounts to meet compliance and security requirements without impacting administrator productivity? Consider these five best practices…

Tags:
, , , , , ,
Triggering MS14-066

Triggering MS14-066

Posted November 17, 2014    BeyondTrust Research Team

Microsoft addressed CVE-2014-6321 this Patch Tuesday, which has been hyped as the next Heartbleed.  This vulnerability (actually at least 2 vulnerabilities) promises remote code execution in applications that use the SChannel Security Service Provider, such as Microsoft Internet Information Services (IIS). The details have been scarce.  Lets fix that. Looking at the bindiff of schannel.dll, we see a…

Tags:
, , , , ,