Retina Protection Agent
Local vulnerability assessment and zero-day protection for your transient computing systems, and for those which require
added levels of protection from today’s complex threats. Retina Protection Agent is included with
the Retina CS Enterprise Vulnerability Management solution.
Stronger Networks Through Host Based Security
Remote vulnerability assessment will protect most systems, but what about those blocked by firewalls or segregated from the network? What about mobile and offline devices? These are potential gaps that could be exploited.
The Retina Protection Agent, included with Retina CS, closes the security gap created by systems that can't be reached with remote vulnerability assessments alone by providing a lightweight agent for local vulnerability assessment, continuous zero-day vulnerability monitoring, and intrusion prevention. Get complete risk discovery even for systems that are offline or disconnected from the network or 'exception' systems that can’t be changed due to external regulations. And, with RPA, you get an additional layer of protection with continuous zero-day vulnerability monitoring and intrusion prevention.
“Retina significantly improved network security, facilitates security compliance, and continues to be an important solution in the enterprise. ”Martin Maxwell
Network Management Team, CA Dept. of Transportation
- Local Vulnerability Assessment
- Provides local vulnerability assessment capabilities to close the gap created by systems that can't be reached with a remote vulnerability assessment alone.
- Zero-Day Protection and Intrusion Prevention
- Provides zero-day protection where a vendor has not yet created signatures or patches to protect against vulnerabilities in their operating system or application.
- Storage Protection
- Prevents data leakage by regulating usage of USB and Firewire storage devices, helping demonstrate institutional control for highly-regulated organizations.
- Centralized Visibility
- Provides full visibility into both remote and local vulnerabilities through the Retina CS Management Console and the integrated Retina Insight Threat Intelligence Module.
- Locally secure: Increased security through comprehensive local vulnerability scanning
- Solid foundation: Based upon the industry’s most respected vulnerability scanning technology, Retina Network Security Scanner.
- Simple migration: Faster mitigation with risk-level vulnerability prioritization with Retina CS.
- Efficient: Optimized network performance through non-intrusive scanning.
- Virtually secure: Reduce risk and close security gaps with vulnerability assessment for virtual applications.
Retina Protection Agent
Download this overview document containing capabilities, highlights and competitive advantages of Retina Protection Agent. Retina Protection Agent is a lightweight agent that augments Retina's remote vulnerability assessment with local vulnerability assessment capabilities. This simple tool eases the burden of meeting even the most stringent regulatory compliance, reduces security risks, and improves overall security across your environment.
Is 2015 the year you get a better handle on security? The news last year was grim – so much so, in fact, that many in the information security community despaired a bit. Really, the end-of-the-year infosec cocktail parties were a bit glum. OK, let’s be honest, infosec cocktail parties are usually not that wild... more
Earlier this week, French malware researcher Kafeine reported on a new Adobe Flash zero-day vulnerability that was being exploited in the wild using the latest versions of the Angler Exploit Toolkit. “Any version of Internet Explorer or Firefox with any version of Windows will get owned if Flash up to 220.127.116.117 (included) is installed and enabled”... more
In last week’s blog, we talked about how controls and accountability must be put into place so that only the right folks can access data and the systems on which that data resides, and that employing a least privilege model helps to achieve that and more. We’re using conclusions and data from a recent report... more
With football season at its pinnacle at both the college and professional levels, the best teams continually focus on the fundamentals that make them successful. In security, we need to do the same. It is okay for us to have a few key plays, especially in certain industries where we have to focus on unique... more
Like UNIX, at its core, Linux’s security model is basically monolithic – you either have root access or you don’t. But root access is too powerful for so many reasons; routinely using the actual root account – while easy and still frighteningly common – is so dangerous it borders on negligent. Auditors know about root... more
MS15-002 was one of the more interesting patches this month. As such, we spent quite a bit of time on it. But alas, it appears as though a pretty thorough analysis has already been posted at WooYun (http://drops.wooyun.org/papers/4621) which mostly aligns with our analysis of the issue. We believe this issue to be difficult to exploit... more
Starting off the new year, Microsoft directs its focus more toward user rights and access. For the majority of bulletins, an attacker would need some form of authentication prior to elevating their privileges. Aside from these, the most notable vulnerability lies within an old friend named Telnet, which even the newer versions of windows are... more
Before we start, let’s agree on three fundamental principles of protecting data: 1. Data is the most valuable asset your organization has (besides the folks who work for you anyway) 2. Data is like water – it will find the path of least resistance out of its current location 3. Based on its value and... more
Remember the Windows 95 Recycle Bin? It was a big leap forward to recovering “deleted” files. Well, it turns out that Active Directory has it’s own Recycle Bin for users, groups and computers, and it’s called… wait for it.. the Active Directory Recycle Bin. Here’s the good news about the Active Directory Recycle bin: *... more
Git’s Case-Insensitive Discrepancies: Exploiting GitHub For Windows And Microsoft Visual Studio (still affected)
A vulnerability within Git has been recently announced concerning the case-insensitive nature of the Windows file system. This vulnerability is unique in that fact that an attacker does have the ability to execute arbitrary code, however conventional exploitation methods, such as memory corruption, is not required. This article explores two ways to execute arbitrary, attacker... moreSee all Retina Protection Agent blog posts
Identifying, prioritizing, remediating, and mitigating
computer and network vulnerabilities.
Privileged Account Management
Managing user authorization to prevent internal data
breaches and meet compliance regulations.