Retina CS Enterprise Vulnerability Management

Retina delivers large-scale, cross-platform vulnerability assessment and remediation, with available configuration compliance, patch management and compliance reporting.

Enterprise Vulnerability Management for Your Dynamic IT Infrastructure

Retina CS is the only vulnerability management solution designed from the ground up to provide organizations with context-aware vulnerability assessment and risk analysis. Retina’s results-oriented architecture works with users to proactively identify security exposures, analyze business impact, and plan and conduct remediation across disparate and heterogeneous infrastructure. Over 10,000 customers worldwide rely on Retina to enable visible, measurable and actionable vulnerability management across their organizations. Retina CS Enterprise Vulnerability Management enables you to:

  • Discover network, web, mobile, cloud and virtual infrastructure
  • Profile asset configuration and risk potential
  • Pinpoint vulnerabilities, malware and attacks
  • Analyze threat potential and return on remediation
  • Remediate vulnerabilities via integrated patch management
  • Report on vulnerabilities, compliance, benchmarks, etc.
  • Protect endpoints against client-side attacks

»  Compare Products

Watch Video: The 5 Keys to Context-Aware Vulnerability Management

Learn about Retina’s 5 Keys to Context-Aware Vulnerability Management

"[Retina's] long history with large deployments and advanced data analysis tools should be a value to enterprises looking to improve their vulnerability management practices."

Gartner 2014 - Gartner, Vulnerability and Security Configuration Assessment Solutions Comparison, Anton Chuvakin, 4.1.2014
Retina CS Enterprise Vulnerability Management

BeyondInsight Built-In

Retina CS is part of the BeyondInsight IT Risk Management Platform, which unifies Retina CS Enterprise Vulnerability Management with available PowerBroker privileged account management solutions. Capabilities include:

BeyondInsight Built-In
  • Centralized solution management and control via common dashboards
  • Asset discovery, profiling and grouping
  • Reporting and analytics
  • Workflow and ticketing
  • Data sharing between Retina and PowerBroker solutions

The result is a fusion of user and asset intelligence that allows IT and security teams to collectively reduce risk across complex environments.


Results-Driven Reporting and Analytics

With the most powerful reporting and analytics capabilities in its class, Retina CS makes it easy to make smart decisions, communicate risk, and report vulnerability management progress to executives and compliance auditors. more

  • Results-Driven Architecture: start by specifying what you want to accomplish, such as generating a HIPAA compliance report or analyzing yearly vulnerability trends
  • Intelligent Analytics: run what-if scenarios and team capacity analyses
  • Interactive Results: home in on data pertaining to a specific audience or goal
  • 260+ Actionable Reports: communicate with technical & non-technical audiences
  • Compliance Reporting: measure adherence to COBIT, GLBA, HIPAA, HITRUST, ISO-27002, ITIL, MASS 201, NERC-FERC, NIST, PCI, SOX and more
  • Advanced Threat Intelligence: gauge severity based on asset scoring, BeyondTrust malware & exploit research, exploit databases, exploitability indices, CVSS and more
  • Trending, Deltas, Threat Analyzers and Heat Maps: share vulnerability management progress with executives, compliance auditors and others
  • Configuration Benchmarking: scan against benchmarks including DISA Gold Disk, SCAP, NIST, FDCC, USGCB, & Microsoft®; customize images to match in-house policies; CIS Security Benchmark certified
  • SLA Compliance Reports: measure threat severity level against dynamic asset groupings
  • Pivot Grid Ad-Hoc Reporting: meet unique business requirements by creating customized reports using virtually any data collected by Retina
  • Third-Party Integration: share data with SIEM, GRC, NMS and help desk solutions

Unmatched Scalability and Flexibility for Large Enterprises

Retina’s multi-tier architecture gives you optimal scalability and maximum control over your enterprise vulnerability management processes. It is designed for simple deployment and management of networks with multiple firewalls, IDS/IPS, VLANS and disparate locations. more

  • Flexible Deployment: deploy software, appliances and/or virtual machines
  • N-Tier, Multitenant Architecture: ensure maximum scalability & gain centralized control
  • Role-Based Access: provide permissioned access to view, assess and report on data
  • Centralized Dashboards: consolidate and report on enterprise-wide activities
  • Scanner Pooling: direct multiple scanners to collaboratively assess large environments
  • Integrated Data Warehouse: sort and filter historical data to gain multiple perspectives
  • Modern User Interface: interact seamlessly with massive amounts of data
  • Local and Remote Scanning: cover segregated, firewalled and disparate infrastructure
  • Effortless Updates and Upgrades: expand capabilities through license key updates
  • Patch Management: remediate vulnerabilities with on-board patch management for Microsoft WSUS and SCCM for Microsoft and third-party applications

Zero-Gap Vulnerability Management for Diverse IT Environments

Able to discover and assess any IT resource in your organization, Retina CS offers zero-gap vulnerability management coverage of the largest, most diverse IT environments.more

  • Comprehensive Discovery: locate known and previously unknown assets across network (local and remote), web, mobile, cloud and virtual environments
  • Asset Profiling: gather information including IP, DNS, OS, MAC address, ports, services, software, processes, hardware, event logs and more
  • Asset SmartGroups: group, assess, and report on assets by IP range, naming convention, operating system, domain, applications, business function, Active Directory and more
  • Asset Context Awareness: evaluate SmartGroup value & risk based on collateral damage potential or target distribution, plus confidentiality, integrity and availability requirements
  • Vulnerability Assessment: flag vulnerabilities, attacks and malware by asset
  • Cloud Scanning: discover and scan online and offline Amazon®, GoGrid®, IBM®, Rackspace® and VMware® environments
  • VMware Verified: scan virtual environments requiring PCI and HIPAA compliance
  • Unmatched Reporting: tap into Retina’s central data warehouse for targeted reports
  • User Risk Discovery: map vulnerability management data to privilege and identity management data (from BeyondTrust PowerBroker) to reveal user-triggered risks
  • Scheduling and Alerts: schedule assessments and configure email alerts

"Using this console, security professionals and system administrators alike can easily find and analyze weaknesses throughout the entire enterprise infrastructure." - SC MAGAZINE 2014


Configuration Compliance Module

Define and manage security policies to monitor compliance with industry and internally developed benchmarks such as Microsoft, NIST, USBCG, and DISA STIGs.

Regulatory Reporting Module

Automated solutions to help navigate complex corporate policies, government regulations, and industry standards such as SOX, PCI, FISMA, and ISO.

Patch Management Module

Seamlessly integrated, automated, agentless Windows patch management closes the loop on unpatched vulnerabilities.


  • Retina CS Achieving PCI Compliance
    Retina CS
    Achieving PCI Compliance
  • Retina CS Enterprise Vulnerability Scanning
    Retina CS
    Enterprise Vulnerability Scanning
  • Retina CS Securing Cloud and Virtual Infrastructure
    Retina CS
    Securing Cloud and Virtual Infrastructure
  • Retina CS Continuous Compliance
    Retina CS
    Continuous Compliance
  • Retina CS Third Party Application Vulnerabilities
    Retina CS
    Third Party Application Vulnerabilities
  • Retina CS Mobile Device Assessment
    Retina CS
    Mobile Device Assessment
  • Watch Video: The 5 Keys to Context- Aware Vulnerability Management
    Learn about Retina's 5 Keys
    to Context-Aware Vulnerability Management