Beyondtrust

Retina Network Security Scanner:
Comprehensive Vulnerability Assessment

Retina Network Security Scanner is the security industry’s most respected and validated vulnerability assessment tool. It also serves as the scan engine for Retina CS Enterprise Vulnerability Management.

Find Vulnerabilities Across Network, Web, Virtual and Database Environments

With over 10,000 deployments since 1998, BeyondTrust Retina Network Security Scanner is the most sophisticated vulnerability assessment solution on the market. Available as a standalone application or as part of Retina CS Enterprise Vulnerability Management, Retina Security Scanner enables you to efficiently identify IT exposures and prioritize remediation enterprise-wide.

  • Continually monitor and improve enterprise security posture
  • Identify IT assets and sensitive data across disparate environments
  • Find security exposures in network, web, database and virtual assets
  • Prioritize remediation based on real risk to critical assets
  • Easily deploy and scale from small to large environments
  • Realize optimal performance via non-intrusive scanning
  • Get fast, frequent updates from the BeyondTrust Research Team
Vulnerability scanning that is fast and non-intrusive
Retina Network Security Scanner optimizes network performance and scan network devices, operating systems, applications, and databases, without impacting availability or performance.
The most comprehensive vulnerability database
The Retina vulnerability database is continually updated by the renowned BeyondTrust Research Team, allowing you to stay on top of the most current threats.
Flexible and scalable vulnerability assessment deployments
Retina can be deployed as a standalone vulnerability scanner, distributed throughout an environment, and integrated with Retina CS for enterprise deployments.
Flexible licensing, including unlimited IPs for $1,200
Retina licensing is flexible to cost-effectively meet your specific vulnerability assessment needs. A full-featured, unlimited IP, unlimited user version is available for $1,200 USD.
  • Discover all network (local and remote), web and virtual assets in your environment.
  • Reveal at-risk personally identifiable information (PII) and other sensitive data.
  • Identify system, application, database, OS and web application vulnerabilities via agent-based and/or agentless scanning.
  • Assess risk and prioritize remediation based on exploitability (from Core Impact®, Metasploit®, Exploit-db), CVSS, & other factors.
  • Confirm exploitability through penetration testing, with one click to the open-source Metasploit Framework
  • Audit personally Identifiable Information (PII) on remote targets.
  • Report progress and results to colleagues in management, compliance, audit, risk and other roles.
  • Analyze threats and gain deeper security intelligence by upgrading to Retina CS Enterprise Vulnerability Management.
  • Share data with popular solutions for SIEM, GRC and other security management platforms.

NETWORK VULNERABILITY ASSESSMENT

  • Assess network devices, operating systems, applications, ports and services against a vast, constantly updated vulnerability database
  • Accurately identify vulnerabilities with a false positive rate below 1%
  • Perform Class C network scans in under 15 minutes on average
  • Leverage ICMP, registry, NetBIOS, and the Nmap signature database, as well as proprietary OS fingerprinting capabilities
  • Audit Windows devices using local or domain credentials
  • Perform local assessments of Cisco®, Linux, Unix® and other devices via SSH tunneling
  • Adjust scans for custom machine configurations, ports and applications via automated input/output data reconciliation on each port
  • Support SCAP-compliant, continuous vulnerability and configuration monitoring per DIACAP, FISMA, STIG, FDCC and USGCB guidelines
  • Get PCI DSS scanning and reporting capabilities out of the box

DATABASE VULNERABILITY ASSESSMENT

  • Scan Oracle®, Microsoft SQL Server® and MySQL databases for security exposures

WEB APPLICATION VULNERABILITY ASSESSMENT

  • Conduct automated vulnerability assessment and web crawling with no scripting required
  • Detect OWASP Top Ten vulnerabilities including SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, OS Command Injection and more
  • Fully integrated into the Retina assessment engine
  • Compare web application testing capabilities across Retina products

VIRTUAL VULNERABILITY ASSESSMENT

  • Conduct VMware vCenter® scans with detailed risk intelligence for ESXi and virtual machines
  • Scan online & offline virtual images, plus virtualized application templates (ThinApp® packages)
  • Schedule scans to automatically update the vCenter console with centralized compliance and risk information
  • Stay updated on new vulnerabilities that could impact the hyper-visor and virtual machines

Datasheet

Retina Network Security Scanner

Retina Network Security Scanner

Download this overview document containing capabilities, highlights and competitive advantages of Retina Network Security Scanner. RNSS is the most sophisticated vulnerability assessment solution on the market. Available as a standalone application or as part of the Retina CS unified vulnerability management platform, Retina Network Security Scanner enables you to efficiently identify IT exposures and prioritize remediation enterprise-wide.

Documentation

Retina 5.20 New and Updated Features

Retina 5.20 New and Updated Features

Both Retina Network Security Scanner and Retina CS Enterprise Vulnerability Management benefit from the v5.20 updates, which offer expanded scanning coverage for virtual, web and network environments. As a result, IT and security leaders gain the visibility they need to better understand and mitigate the data breach risks facing their organizations.

On Demand Webinar: 10 Steps to Building an Effective Vulnerability Management Program

6/26/2015

In this on demand webinar, Cybersecurity Expert, Derek A.Smith will take you through his 10 steps for a successful vulnerability management program and how to get started now. more

How to Audit VMware ESX and ESXi Servers Against the VMware Hardening Guidelines with Retina CS

2/27/2015

Retina CS Enterprise Vulnerability Management has included advanced VMware auditing capabilities for some time, including virtual machine discovery and scanning through a cloud connection, plus the ability to scan ESX and ESXi hosts using SSH. However, in response to recent security concerns associated with SSH, VMware has disabled SSH by default in its more recent... more

Why MAS Compliance is Still a Real MUST

11/12/2014

As reported in our blog earlier this year MAS guidelines are set to change the way financial institutions conduct business in Singapore. Now, nearly four months past the compliance date of July 2014, we are revisiting the guidelines that surround the regulations. Non-compliance was said to result in the following implications for financial institutions: Financial... more

Introducing Retina v5.20: Expanded Vulnerability Assessment Coverage for Zero-Gap Visibility

11/4/2014

Today, we’re excited to announce new releases of both our Retina vulnerability assessment technology and the BeyondInsight risk management platform. Here’s a brief overview of what’s new in Retina. Retina v5.20 is an update to the vulnerability assessment engine that drives Retina Network Security Scanner and Retina CS Enterprise Vulnerability Management. The release extends Retina’s... more

Failing the Security Basics: Backoff Point-of-Sale Malware

8/22/2014

At the beginning of this month, US-CERT issued a security alert relating to a string of breaches that had been targeting Point of Sale (POS) systems. The alert details that attackers were leveraging brute forcing tools to target common remote desktop applications such as Microsoft’s Remote Desktop, Apple Remote Desktop, Splashtop and LogMeIn among others.... more

Statistics, Claims, Marketing and Leadership in IT Risk Management

6/12/2014

Good marketing plans and effective technology can place unmovable stakes in the ground in terms of statistics and claims. You see these every day in the form of ROI calculations, customer results, performance figures … the list goes on. The intention, to put it bluntly, is to point out differentiators that help customers select one... more

Vulnerability Scanning for PCI DSS Compliance with BeyondTrust Retina

5/19/2014

I’m pleased to announce that BeyondTrust’s Retina Enterprise Vulnerability Management has successfully completed PCI Scanning Vendor Compliance Testing. This means that Retina meets all PCI Security Standards Council requirements to perform PCI data security scanning. This also marks the fifth year that BeyondTrust is an Approved Scanning Vendor (ASV). Where Vulnerability Scanning Comes into Play... more

Seizing Windows of Opportunity for Vulnerability Assessment

4/1/2014

The change control process for many organizations dictates that vulnerability assessment scanning can only occur during predefined scan windows. During these times, teams are notified that an assessment will be conducted and that alerts from IDS/IPS sensors, SIEMS, and local AV agents should be ignored or whitelisted from the scanners. This is a very typical... more

Addressing the MAS Technology Risk Management Guidelines with Privilege and Vulnerability Management

3/12/2014

The Monetary Authority of Singapore (MAS) is Singapore’s central bank and financial regulatory authority. The MAS frequently releases guidelines that address emerging technologies and evolving threat landscape. In June 2013, the MAS created an updated set of guidelines for Internet Banking and Technology Risk Management (IBTRM). This addendum mandates certain requirements for Technology Risk Management... more

Neophytes and Professionals

2/14/2014

There is a first time for everything. Your first steps, your first date, your first child, your first vulnerability assessment scan. A first time for everything. The Retina Network Security Scanner Unlimited makes taking the first step incredibly easy and affordable. For security professionals, it is just another step in making sure your assets are... more

See all Retina blog posts

VMware Plug-in for Retina

The industry's first and only vulnerability management solution directly integrated into vCenter.

DATASHEET VMWARE SURVEY Watch Video

Retina CS Enterprise Vulnerability Management

Delivers large-scale, cross-platform vulnerability assessment and remediation, with available configuration compliance, patch management and compliance reporting.

Learn More Request a Free Trial

Retina CS Enterprise Vulnerability Management

The Cofiguration Compliance Module can be purchased as an add-on to Retina CS, which delivers large-scale, cross-platform vulnerability assessment and remediation.

Learn More Request a Free Trial

Retina CS Enterprise Vulnerability Management

The Patch Management Module can be purchased as an add-on to Retina CS, which delivers large-scale, cross-platform vulnerability assessment and remediation.

Learn More Request a Free Trial

Retina CS Enterprise Vulnerability Management

The Regulatory Reporting Module can be purchased as an add-on to Retina CS, which delivers large-scale, cross-platform vulnerability assessment and remediation.

Learn More Request a Free Trial

Retina Network Security Scanner

Integrated network, web & virtual vulnerability assessment. Retina is the security industry’s most respected and industry-validated security scanner and serves as the engine for our vulnerability management solutions. There is no better option for securing your network from vulnerabilities.

Learn More Request a Free Trial

Retina Web Security Scanner

Rapidly and accurately scan large, complex web sites and web applications to tackle web-based vulnerabilities including cross-site scripting (XSS) and SQL injection.

Learn More Request a Free Trial

PowerBroker Event Vault

Automate and streamline the collection and management of standard Windows event log data and provide scalable and flexible centralized storage in the PowerBroker event database.

Learn More Request a Free Trial

PowerBroker Identity Services

Quickly and easily integrate your Unix and Linux servers into your Active Directory infrastructure.

Learn More Request a Free Trial

PowerBroker Identity Services Open Edition

Available as a free and open source version of PowerBroker Identity Services, giving you the access and flexibility to tailor your Active Directory bridging project

Download Now

PowerBroker for Unix & Linux

Quickly and easily manage root access on Unix and Linux servers, without ever disclosing the system password.

Learn More Request a Free Trial

PowerBroker for Windows

Implement least privilege for your Windows desktop environment, reducing attack surface and driving down costs.

Learn More Request a Free Trial

PowerBroker Auditor
for Active Directory

Track unauthorized changes to Active Directory and Group Policy configurations.

Learn More Request a Free Trial

PowerBroker Auditor
for Exchange

Tracks and reports all changes made to all Exchange Server configurations, groups, mailbox policies, information store changes, and permissions in a centralized audit log.

Learn More Request a Free Trial

PowerBroker Auditor
for File System

Enables tighter security and control over file system resources, including real-time tracking, interactive analysis, and flexible reporting on all key share, file, and folder changes.

Learn More Request a Free Trial

PowerBroker Auditor
for SQL Server

Monitor and review privileged user changes on SQL servers. Easily map your SQL activities with regulatory mandates such as GLBA, SOX, HIPAA, and PCI through consistent auditing and reporting.

Learn More Request a Free Trial

PowerBroker Privilege Explorer

Provides a centralized view of access and privileges, so you can be sure that users have access to the resources they need to do their jobs, and only those resources.

Learn More Request a Free Trial

PowerBroker Endpoint Protection Platform

Formerly known as "Blink", multi-layered security and attack prevention for windows desktops and servers.

Learn More Request a Free Trial

PowerBroker Recovery
for Active Directory

Advanced continuous data protection for Active Directory, providing unparalleled visibility and change control.

Learn More Request a Free Trial

PowerBroker Servers Enterprise

Combine the power of our Unix/Linux root delegation and our AD bridging for an enterprise approach to server compliance

Learn More Request a Free Trial

PowerBroker Password Safe

Automate Password Management for Increased Security across your entire dynamic infrastructure.

Learn More Request a Free Trial

BeyondSaaS

A cloud-based, external vulnerability assessment solution that conducts fast, affordable security assessments of your public-facing network infrastructure and web applications.

Learn More Request a Free Trial

BeyondInsight

Merge privileged account management and vulnerability management solutions into a single, contextual lens through which to view and address user and asset risk.

Learn More Request a Free Trial

Retina Protection Agent

Close the security gap created by systems that can't be reached with remote vulnerability assessments alone with this lightweight agent for local vulnerability assessment, continuous zero-day vulnerability monitoring, and intrusion prevention.

Learn More

Configuration Compliance Module

This Retina CS add-on module defines and manages security policies to monitor compliance with industry and internally developed benchmarks such as Microsoft, NIST, USBCG, and DISA STIGs.

Learn More

Patch Management Module

This Retina CS add-on module seamlessly integrated, automated, agentless Windows patch management closes the loop on unpatched vulnerabilities.

Learn More

Regulatory Reporting Module

This Retina CS add-on module contains automated solutions to help navigate complex corporate policies, government regulations, and industry standards such as SOX, PCI, FISMA, and ISO.

Learn More
Compare Retina Products

Compare Retina Products

The Retina family of products offers many levels of protection and unique features for a variety of needs. Explore this comparison table to find the vulnerability management solution that is right for you.

Compare Retina Products

Vulnerability Management

Identifying, prioritizing, remediating, and mitigating
computer and network vulnerabilities.

Privileged Account Management

Managing user authorization to prevent internal data
breaches and meet compliance regulations.

Fusing
PAM & VM For
Stronger IT Security