Today, we’re excited to announce an update to the vulnerability assessment engine that drives Retina Network Security Scanner and Retina CS Enterprise Vulnerability Management. The release extends Retina’s vulnerability management scanning capabilities for web, virtual and network environments, representing another step in our quest to bring customers Zero-Gap visibility into their IT security risks. Here are some highlights of what’s in the latest version.
Improved Credentialed Scanning Efficiency
In most organizations, there is no one set of credentials that is used for the entire enterprise. In order to complete scans for all systems, Administrators are faced with a challenge: they can either provide multiple credentials to one scan job, with the hopes that the best credentials are used against each target. Or, they must create very targeted single credentialed scans, to increase the chance that scans are performed thoroughly.
BeyondTrust has overcome this challenge in Retina CS version 5.7 and Retina Network Security Scanner 5.23 with a new feature called “Smart Credentials.” This new capability is enabled by default and will cause Retina to select the credentials with the highest level of privileges on each scan target when multiple scan credentials are provided. This capability improves the efficiency of scanning, making scanning much more thorough than with other solutions available in the market.
Prioritize and Remediate Assets Based on Risk Score
Every organization categorizes IT asset risk differently based on their tolerance or the industry they are in. Regardless of how they measure it, organizations need the flexibility to measure risk according to their needs.
Retina CS version 5.7 introduces new asset risk analysis, giving the end user the option to “weight” their asset score by what matters most – Threat Risks (i.e. vulnerabilities and attacks) or Exposure Risks (i.e. ports, shares, services, accounts).
A new normalize function can be applied to redistribute the asset risks on a scale of 1 to 10, with 10 representing the highest risk. This new capability provides additional visibility into the risks that matter most to organizations, helping them further prioritize remediation.
Improved Visibility through Enhanced Reporting Features
Retina CS version 5.7 and Retina Network Security Scanner version 5.23 introduce several new analytics and reporting enhancements meant to improve efficiency and visibility which include:
- Enhanced Clarity Malware report. This report will now display the source of the malware detection (PBEPP, Network Based or Global Threat Detection).
- New Extended Vulnerability Export report enables users to filter by Audit Risk. This is a cloned report from the existing Extended Vulnerability Export report, which is mapped to PCI risk.
- Import Summary Report can now be saved as a CSV, helpful when reviewing imported data from BeyondSaaS, Retina RTD, Rapid7 Nexpose, QualysGuard and Tenable Nessus.
- Options to migrate subscriptions from one user account to another
- Option to filter by Audit Group for all SLA breakdown reports
Alejandro DaCosta, Product Manager
As Product Manager, Alex DaCosta is responsible for designing the company’s Vulnerability Management solutions. Alex joined BeyondTrust via the company’s acquisition of eEye Digital Security, where he held senior positions as Security Engineer in both pre and post sales operations. As a Senior Security Engineer, Alex was responsible for the success of demonstrating, architecting and implementing the Company’s enterprise solutions. Alex graduated from California State University, Long Beach with a Bachelors of Science Degree in Management Information Systems.