BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Top Vulnerability Management Trending and Delta Reports

Posted April 1, 2011    Morey Haber

Every organization wants to know where they are going and where they have been.  Performing an analysis on the here and now only gives a snapshot that gives little perspective into how things have progressed or patterns for the future. For vulnerability assessment, many clients rely on delta reports to compare scan jobs and data warehousing solutions to look at long term trends. Unfortunately, many tools lack this basic capability and users are left “hand jamming” reports themselves or ignoring the value of historical data.  eEye’s Retina solutions provide both capabilities and make the results easy to use for any organization.

The first solution I would like to review with you is Retina CS. Retina CS is a Unified Vulnerability Management Solution that allows full assessment, mitigation, and protection against vulnerabilities. It is results driven architecture that allows you to produce comprehensive results without asking technical questions about how do I get the data I need. One of the key elements in this approach is delta reporting.  A user can select any number of Delta Reports within the solution and provide a comparison for any two scans or all data collected between two time/date ranges filtered by logical groups. Below is a small sample for these delta report templates:

The results of these produce a list of assets with the changes identified and statistics regarding the changes (the data has been trimmed for illustration purposes):

This produces one of the best reports for monitoring change control in an environment and for snapshot based trending. This is a fundamental requirement of many regulatory compliance initiatives and a simple task with Retina CS.

The next step in trending is to see this data for long periods of time using a data warehouse solution. Retina Insight provides this perspective through a Vulnerabilities Delta Report by Month:

This perspective highlights which vulnerabilities have been added over time (due to auto updates of the vulnerability database), what the cumulative total is for the environment, and which vulnerabilities have been remediated and confirmed fix. As with the other blogs on this topic and sample reports, I am using the same sample database for this example. It is no surprise that things are looking worse over time and existing procedures are not mitigating the risks fast enough in relation to the expanding security threats identified.  (I am just glad this is a lab data and not a real client.) Now, what makes this graph so compelling is the drill down capabilities illustrated in  the partial screen shot below:

For any given month, a user can drill into the vulnerabilities by what was Removed (fixed), Added (new vulnerabilities added to the database and detected in the environment), and what is Existing (found month after month). This is my favorite vulnerability trending report and it provides that inherent view into the past and potentially what is to come.  I consider these two reports essential for any vulnerability management project. These are the top favorites for vulnerability management trending and delta reports within eEye Solutions.

For more information on eEye’s Unified Vulnerability Management solution, please click here.

Leave a Reply

Additional articles

red-thumbprint

Why big data breaches won’t always be so easy

Posted September 19, 2014    Byron Acohido

This blog post is republished with the permission of ThirdCertainty. See the original post here. – By: Byron Acohido, Editor-In-Chief, ThirdCertainty Some day, perhaps fairly soon, it will be much more difficult for data thieves to pull off capers like the headline-grabbing hacks of Home Depot and Target. That’s not a pipe dream. It’s the projected outcome…

Tags:
, , , , ,
pbps-blog2

8 Reasons Your Privileged Password Management Solution Will Fail

Posted September 18, 2014    Chris Burd

Leveraging complex, frequently updated passwords is a basic security best practice for protecting privileged accounts in your organization. But if passwords are such a no-brainer, why do two out of three data breaches tie back to poor password management? The fact is that not all privileged password management strategies are created equal, so it’s critical…

Tags:
, , , , , ,
pbps-customer-campaign-image

You Change Your Oil Regularly; Why Not Your Passwords?

Posted September 11, 2014    Chris Burd

There are many things in life that get changed regularly:  your car oil, toothbrush and hopefully, your bed sheets.  It’s rare that you give these things much thought – even when you forget to change them. But what if you’re forgetting something that can cost you millions of dollars if left unchanged for long periods…

Tags:
, , ,