BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Tidings from the Year 2036: The Search for Relevant Security Data

Posted June 24, 2014    Morey Haber

A few years ago, I wrote a blog post about finding personal information online. I recently Googled myself again to see who knows what about me. I expected to find some posts and papers I’ve written, and maybe some of my contact details. Instead, the majority of the first-page results associate my name with a certain John Titor, “time traveller” from the year 2036. Sadly, this isn’t true (I’d be a much richer man if it were).

So what does this have to do with BeyondTrust? Well, it’s about the power of search and the importance of being able to find the information you need. With the overload of data available from security solutions today, the ability to quickly find relevant, meaningful information can mean the difference between maintaining a secure environment and suffering a breach.

Let’s take a look at the search capabilities within the BeyondInsight IT Risk Management Platform, which serves as a centralized management, analytics and reporting console for several of our vulnerability and privilege management solutions. To start with, all grids and panels in the BeyondInsight console have powerful search and filter bars:

blog-tidings-img1

BeyondInsight users can enter any expression or word to search for a specific asset, vulnerability, attack, user, event, etc. While this is basic functionality, the sheer fact that this functionality exists in every management grid is incredible. This means that if you ever find yourself overwhelmed with results, you can filter and search to home in on the data you need. Even more importantly, the old-school floppy disk icon allows you to save the results view to a CSV or XLS.

So what else can we turn up in BeyondInsight? Lets take a look at the Analytics and Reporting Module, which delivers over 260 reports plus a structured big data warehouse. If you’re not sure where to look, you can find specific report by entering a simple query, such as “Export”:

blog-tidings-img2

The results for “Export” include all the reports capable of exporting data in flat formats. We can then drill down further by searching within the reports for specific assets, accounts, vulnerabilities, etc.

In this day and age of omniscient Internet search engines, you’d think these seemingly basic search capabilities would be standard in all software solutions. However, take a close look at other security solutions, and you’ll find search capabilities to be lacking to say the least. Users are often forced to generate the report, download the results, and use native tools like PDF search. These long-winded approaches to pinpointing security data can be just as cumbersome as using Google to find information on a specific person. You need to scroll through pages of results, or attempt to narrow your search parameters to exactly what you need.

It would be so much easier to simply save the search filters or parameters to display exactly what you need and what you want others to see. BeyondInsight Smart Rules enable you to do just that: build targeted searches, narrow them to what you need, and save them for later use.

blog-tidings-img3

BeyondTrust solutions are designed and implemented to find the data you need to be productive and efficient. Whether you’re filtering results, finding a report template, or building saved queries, the technology delivers actionable results – not guesses based on similar fields or false positives.

As I mentioned above, a Google search of my name returns several false positives. I really need a Smart Filter to remove the garbage and show only the work I’m doing at BeyondTrust. If you’re a BeyondInsight customer, you’ll find that you have it much easier.

> Learn more about BeyondInsight for vulnerability and privilege management
> Learn about the Retina CS vulnerability reporting capabilities in BeyondInsight

Tags:
, , , , , , , , ,

Leave a Reply

Additional articles

PBPS-screenshot-blog aug2014

Failing the Security Basics: Backoff Point-of-Sale Malware

Posted August 22, 2014    Marc Maiffret

At the beginning of this month, US-CERT issued a security alert relating to a string of breaches that had been targeting Point of Sale (POS) systems. The alert details that attackers were leveraging brute forcing tools to target common remote desktop applications such as Microsoft’s Remote Desktop, Apple Remote Desktop, Splashtop and LogMeIn among others….

Tags:
, , , , , ,

Troubleshooting Windows Privilege Management Rules with Policy Monitor

Posted August 21, 2014    Jason Silva

When defining and testing PowerBroker for Windows rules for production or pilots, customers sometimes tell us, “I don’t think this policy / program is working.” This is usually a case of the policy not properly triggering because of the way the rule was created. A unique feature of PowerBroker for Windows compared to other solutions is a client-side…

Tags:
, , ,
darren-mar-elia

BeyondTrust Webcast: Darren Mar-Elia’s 4 Active Directory Change Scenarios to Track

Posted August 20, 2014    Chris Burd

In our latest webcast, we joined Darren Mar-Elia, CTO at SDM Software, to discuss best practices for Active Directory (AD) change management. Here are some key takeaways from the presentation, followed by a link to a full-length video of the presentation. Mar-Elia kicks things off with a critical insight: that the best AD change management…

Tags:
, , , , , , ,