BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The Retina Protection Agent Part II

Posted September 10, 2010    Morey Haber

Part of being a good product manager is keeping an eye on your competition with a lifecycle development approach in mind. This considers whether the competition is expanding their product line outside of the solutions core competency and if the maturity requires rapid development and feature releases. At the end of lifecycle, the solution becomes End of Life (EoL) and dropped as a product. For standalone Host Intrusion Prevention Solutions (HIPS), the grim reaper is just around the corner.

Consider that Cisco has announced EoS (End of Sale) and EoL dates for the Cisco Security Agent and this agent was based on an acquisition of Okena in 2003, HIPS has had a relatively short life of seven years as a standalone enterprise product. Gartner, in their recent 2010 IT Market Clock for Infrastructure Protection, has also indicated that HIPS has passed the “Dusk of Obsolesce” for personal computers. So what technology is replacing HIPS to combat modern day threats?

For starters, the concept of a host-based intrusion prevention as a standalone tool has lost its value as a single agent technology solution. It targets protocol, service, and network based vulnerabilities and their accompanying exploits as a prevention product. With trends indicating that threats are evolving to web applications and client side attacks, HIPS becomes an older (but required) piece of a much larger puzzle. This is where the Retina Protection Agent (and its parent solution Blink Professional) become the next viable solution for organizations.

As I indicated above, products either mature and die like CSA, or they evolve to meet current challenges. These challenges can warrant new features, platform support, or even just updates to the workflow for simplification and usability. The Retina Protection Agent has exceeded the requirements of being a basic HIPS solution by supporting the latest Microsoft operating systems, adding key features for local agent-based vulnerability assessment to detect which client applications are vulnerability, and a new Management Console, Retina CS, to simplify the deployment and administration of this agent-based technology.

Host Intrusion Prevent Solutions may be at the end of their useful lives, but the need to protect the desktop is as important as ever. The threats have evolved and therefore the technology must evolve to meet these threats. eEye is ahead of the curve and our products will exceed your expectations for Unified Vulnerability Management from Assessment, Mitigation, to Endpoint Protection.

Leave a Reply

Additional articles

How To Implement The Australian Signals Directorate’s Top 4 Strategies

Posted October 20, 2014    Morey Haber

The Australian Signals Directorate (ASD), also known as the Defence Signals Directorate, has developed a list of strategies to mitigate targeted cyber intrusions. The recommended strategies were developed through ASD’s extensive experience in operational cyber security, including responding to serious security intrusions and performing vulnerability assessments and penetration testing for Australian government agencies. These recommendations…

Tags:
, , , ,
asp-mvc

Exploiting MS14-059 because sometimes XSS is fun, sometimes…

Posted October 17, 2014    BeyondTrust Research Team

This October, Microsoft has provided a security update for System.Web.Mvc.dll which addresses a ‘Security Feature Bypass’. The vulnerability itself is in ASP.NET MVC technology and given its wide adoption we thought we would take a closer look. Referring to the bulletin we can glean a few useful pieces of information: “A cross-site scripting (XSS) vulnerability exists…

Tags:
4bestpracticesaudits-blog

Four Best Practices for Passing Privileged Account Audits

Posted October 16, 2014    Chris Burd

Like most IT organizations, your team may periodically face the “dreaded” task of being audited. Your process for delegating privileged access to desktops, servers, and infrastructure devices is a massive target for the auditor’s microscope. An audit’s findings can have significant implications on technology and business strategy, so it’s critical to make sure you’re prepared…

Tags:
, , , ,