- Discover and classify virtual and cloud-based assets, and their associated vulnerabilities
- Share real-time asset, threat and user intelligence with their security villages
- Prevent their Internet of Things (IoT) devices from becoming enslaved by Mirai
- Increase their visibility into malicious files with NSRL data
- Determine their most critical vulnerabilities even with superseded updates
- Leverage the collective intelligence of CVSS v3 and CWE frameworks
- Expedite SCAP configuration benchmark assessments
Scan Cloud Environments and Share Security IntelligenceConnecting your security village’s asset, threat and user data together, translating it into actionable intelligence, and synchronizing that knowledge across multiple systems can be a game changer! Retina CS 6.2 adds the following certified third-party integrations:
- Google Cloud Platform: Identify assets and scan for vulnerabilities within Google’s Cloud Platform
- Kenna Security: Forward Retina vulnerability scan data to Kenna for correlation with its real-time threat intelligence sources
- TAXII / STIX: Generate a STIX Incident Report to be consumed by a TAXII Inbox (push) Service. Our incident report includes Observables, Tactics, Techniques and Procedures (TTPs) and related Incidents
- NetIQ Sentinel: Forward BeyondInsight event data to NetIQ Sentinel SIEM in Log Extended Event Format (LEEF)
- Exabeam: Forward BeyondInsight analytics data to Exabeam SIEM in Common Event Format (CEF)
Stop Your IoT Devices from Going RogueWith the addition of a new IoT audit group, Retina now has the capability to identify defenseless IoT devices such as Samsung IP cameras, Dahua DVRs, Xerox printers and SMC routers. Utilizing specific device information, Retina is able to reliably pinpoint the make and model of a particular IoT device, and safely test whether or not it’s using default or hard-coded credentials.
Leverage NSRL Data to Spot Malicious FilesIn addition to checking for active malware and publically available exploits, Retina CS 6.2 compares hashes from enumerated services and processes and executed applications with the National Software Reference Library (NSRL). NSRL contains data that enables organizations to more easily uncover dangerous files within their environments.
Consolidated Reports for Superseded UpdatesWhile applying one consolidated patch is operationally easier, this comes at the price of limited visibility – as only the risk scores of the latest update’s vulnerabilities are displayed. In this latest release, Retina introduces a consolidated remediation report, which also displays the “rolled up” vulnerability with the highest threat score.
CVSS v3 and CWE CompatibilityEarlier this year FIRST announced the availability of version 3 of the Common Vulnerability Scoring System (CVSS). Retina now has the capability of reporting both the CVSS v2 and v3 results – giving you clearer and more consistent scoring. In addition, this version of Retina has also added Common Weakness Enumeration (CWE) to its audit database. This allows organizations to search for software coding flaws, bugs, and other errors that if left unchecked could leave organizations vulnerable to attack.
Enhanced SCAP Scan EngineWhile previous versions of Retina have supported Security Content Automation Protocol (SCAP) benchmark assessments, along with CIS, DISA, Microsoft, and more, Retina 6.0 adds the capability to check multiple SCAP benchmarks per scan job – eliminating the need to manually “pair up” configuration assessments with only those targets that are applicable. Want additional information on these new features? Download what’s new in Retina CS 6.2 and Retina 6.0. Also, be sure to watch our what's new in Retina video to see these latest capabilities in action. For more, contact us today!
Scott Lang, Sr. Director, Product Marketing at BeyondTrust
Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.