BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Tidings from the Year 2036: The Search for Relevant Security Data

Posted June 24, 2014    Morey Haber

A few years ago, I wrote a blog post about finding personal information online. I recently Googled myself again to see who knows what about me. I expected to find some posts and papers I’ve written, and maybe some of my contact details. Instead, the majority of the first-page results associate my name with a certain John Titor, “time traveller” from the year 2036. Sadly, this isn’t true (I’d be a much richer man if it were).

So what does this have to do with BeyondTrust? Well, it’s about the power of search and the importance of being able to find the information you need. With the overload of data available from security solutions today, the ability to quickly find relevant, meaningful information can mean the difference between maintaining a secure environment and suffering a breach.

Let’s take a look at the search capabilities within the BeyondInsight IT Risk Management Platform, which serves as a centralized management, analytics and reporting console for several of our vulnerability and privilege management solutions. To start with, all grids and panels in the BeyondInsight console have powerful search and filter bars:

blog-tidings-img1

BeyondInsight users can enter any expression or word to search for a specific asset, vulnerability, attack, user, event, etc. While this is basic functionality, the sheer fact that this functionality exists in every management grid is incredible. This means that if you ever find yourself overwhelmed with results, you can filter and search to home in on the data you need. Even more importantly, the old-school floppy disk icon allows you to save the results view to a CSV or XLS.

So what else can we turn up in BeyondInsight? Lets take a look at the Analytics and Reporting Module, which delivers over 260 reports plus a structured big data warehouse. If you’re not sure where to look, you can find specific report by entering a simple query, such as “Export”:

blog-tidings-img2

The results for “Export” include all the reports capable of exporting data in flat formats. We can then drill down further by searching within the reports for specific assets, accounts, vulnerabilities, etc.

In this day and age of omniscient Internet search engines, you’d think these seemingly basic search capabilities would be standard in all software solutions. However, take a close look at other security solutions, and you’ll find search capabilities to be lacking to say the least. Users are often forced to generate the report, download the results, and use native tools like PDF search. These long-winded approaches to pinpointing security data can be just as cumbersome as using Google to find information on a specific person. You need to scroll through pages of results, or attempt to narrow your search parameters to exactly what you need.

It would be so much easier to simply save the search filters or parameters to display exactly what you need and what you want others to see. BeyondInsight Smart Rules enable you to do just that: build targeted searches, narrow them to what you need, and save them for later use.

blog-tidings-img3

BeyondTrust solutions are designed and implemented to find the data you need to be productive and efficient. Whether you’re filtering results, finding a report template, or building saved queries, the technology delivers actionable results – not guesses based on similar fields or false positives.

As I mentioned above, a Google search of my name returns several false positives. I really need a Smart Filter to remove the garbage and show only the work I’m doing at BeyondTrust. If you’re a BeyondInsight customer, you’ll find that you have it much easier.

> Learn more about BeyondInsight for vulnerability and privilege management
> Learn about the Retina CS vulnerability reporting capabilities in BeyondInsight

Tags:
, , , , , , , , ,

Leave a Reply

Additional articles

Dark Reading

2014: The Year of Privilege Vulnerabilities

Posted December 18, 2014    Chris Burd

Of the 30 critical-rated Microsoft Security Bulletins this year, 24 involved vulnerabilities where the age-old best practice of “least privilege” could limit the impact of malware and raise the bar of difficulty for attackers.

Tags:
, , , , ,
dave-shackleford-headshot

Looking back on information security in 2014

Posted December 16, 2014    Dave Shackleford

Dave Shackleford is a SANS Instructor and founder of Voodoo Security. Join Dave for a closer look at the year in security, and learn what you can do to prepare for 2015, with this upcoming webinar. 2014 has been one heck of an insane year for information security professionals. To start with, we’ve been forced…

Tags:
, ,
patch-tuesday

December 2014 Patch Tuesday

Posted December 9, 2014    BeyondTrust Research Team

This month marks the final Patch Tuesday of 2014. Most of what is being patched this month includes Internet Explorer, Exchange, Office, etc… and continues a trend of the greatest hits collection of commonly attacked Microsoft software. Probably the one thing that broke the mold this month is that for once there is not some…

Tags:
,