BeyondTrust Network Security Scanner v6.7.1: Building on Support for DevOps Use Cases

It is my pleasure to announce the 6.7.1 release of BeyondTrust’s Network Security Scanner. Our solution for scanning, prioritizing, and remediating vulnerabilities across the enterprise. Available as a standalone application, a host-based option, or as part of the BeyondTrust Enterprise Vulnerability Management solution, Network Security Scanner enables IT Security and Operations teams to efficiently identify IT exposures and prioritize remediation enterprise-wide.

BeyondTrust Network Security Scanner 6.7.1 builds on BeyondTrust’s support for DevOps use cases by adding new scanning and reporting capabilities for Docker containers. Keep reading for a highlight of new DevOps security features and enhancements!

Docker Container Scanning (New!)

DevOps teams must have the ability to quickly discover all Docker images and containers in their environments and report on their attributes. Network Security Scanner version 6.7.1 introduces new scanning capabilities against Docker containerization technology. With these new capabilities, organizations can quickly discover and accurately enumerate the attributes and vulnerabilities within Docker containers. This means that organizations can improve the control and visibility of Docker container usage, and mitigate potentially risky gaps in security, helping to support the further automation of DevOps processes.

The scanner can perform these subsets of enumerations and auditing compared to scanning a traditional host OS:

New! Access Report Scanning

Version 6.7.1 adds three new sections to the access report with expanded information of what was scanned and what wasn’t:

Unresponsive systems
Systems resolving to same IP address

This additional information provides context around scanning errors and enables effective troubleshooting.

Better Understand your Scan Schedules

Version 6.7.1 introduces a detailed view of scheduled scans, which allows users to right click on a scheduled job and see its details, including port group, audit group, scan options, and credential selected. This feature enables users to audit any previously scheduled jobs and better understand scan schedules.

Additional CIS Benchmark Certifications and STIG Benchmark

While previous versions of the Network Security Scanner have supported Security Content Automation Protocol (SCAP) benchmark assessments – along with CIS, DISA, Microsoft, and more – version 6.7.1 adds support for, and certification of, the following SCAP benchmarks released by the Central for Internet Security:

CIS Benchmark for CIS Oracle Database 11g R2 Benchmark, v2.2.0, Level 1- RDBMS
CIS Benchmark for CIS Oracle Database 11g R2 Benchmark, v2.2.0, Level 1- Linux Host OS
CIS Benchmark for CIS Oracle Database 11g R2 Benchmark, v2.2.0, Level 1- Windows Server Host
CIS Benchmark for CIS Oracle Database 12c Benchmark, v2.1.0, Level 1- RDBMS using Tradition
CIS Benchmark for CIS Oracle Database 12c Benchmark, v2.1.0, Level 1- Linux Host OS using T
CIS Benchmark for CIS Oracle Database 12c Benchmark, v2.1.0, Level 1- Windows Server Host T
CIS Benchmark for CIS Oracle Database 12c Benchmark, v2.1.0, Level 1- RDBMS using Unified A
CIS Benchmark for CIS Oracle Database 12c Benchmark, v2.1.0, Level 1- Linux Host OS using U
CIS Benchmark for CIS Oracle Database 12c Benchmark, v2.1.0, Level 1- Windows Server Host U
CIS Benchmark for CIS Oracle Database Server 9i10g Benchmark, v2.0.1, Level 1
CIS Benchmark for CIS Oracle Database Server 9i10g Benchmark, v2.0.1, Level 2
CIS Benchmark for CIS Oracle Database Server 11g Benchmark v1.0.1, Level 1- 11.x on any platform
CIS Benchmark for CIS Oracle Database Server 11g Benchmark v1.0.1, Level 1- 11.2 on any platform

Network Security Scanner 6.7.1 has also added support for the Security Technical Implementation Guide (STIG) for: