Enterprise Vulnerability Management Software for Dynamic IT Environments
Retina CS is the only vulnerability management software solution designed from the ground up to provide organizations with context-aware vulnerability assessment and risk analysis. Retina’s results-oriented architecture works with users to proactively identify security exposures, analyze business impact, and plan and conduct remediation across disparate and heterogeneous infrastructure. Over 10,000 customers worldwide rely on Retina to enable visible, measurable and actionable vulnerability management across their organizations. Retina CS Enterprise Vulnerability Management software enables you to:
- Discover network, web, mobile, cloud, virtual and IoT infrastructure
- Profile asset configuration and risk potential
- Pinpoint vulnerabilities, malware and attacks
- Analyze threat potential and return on remediation
- Remediate vulnerabilities via integrated patch management (optional)
- Report on vulnerabilities, compliance, benchmarks, etc.
- Protect endpoints against client-side attacks
- Make more informed privilege decisions
When integrated with PowerBroker Privileged Access Management platform solutions, Retina CS enables you to disrupt all stages of the cyber attack chain. The solutions combine best-in-class privilege, password and vulnerability management on top of a centralized reporting and analytics platform. As a result, you can efficiently reduce your organization’s attack surface, prevent lateral movement by attackers, and actively detect and respond to in-progress breaches.
Zero-Gap Vulnerability Management for Diverse Infrastructure
Able to discover and assess any IT resource in your organization, Retina CS offers zero-gap vulnerability management coverage of the largest, most diverse IT environments. Agentless and agent-based scanning protects assets, whether they are connected to your network or not.
Unmatched Scalability and Flexibility for Large Enterprises
Retina’s multi-tier architecture gives you optimal scalability and maximum control over your enterprise vulnerability management processes. It is designed for simple deployment and management of networks with multiple firewalls, IDS/IPS, VLANS and disparate locations.
Results-Driven Reporting and Analytics
With the most powerful reporting and analytics capabilities in its class, Retina CS makes it easy to make smart decisions, communicate risk, and report vulnerability management progress to executives and compliance auditors.
The Largest Ecosystem of Integrated Partner Solutions
Out-of-the-box integration with multiple SIEMs and firewalls connects the dots on risk analysis, giving security teams a holistic view of enterprise-wide security and enabling prioritization of the most impactful risks regardless of the source.
Internet of Things (IoT) Vulnerability Scanning
Retina’s built-in IoT audits enable organizations to Identify the make and model of vulnerable IoT devices, and safely check them for default and hard-coded credentials used with Telnet, SSH, or Basic HTTP Authentication.
Fully Integrated Authenticated Scanning
Retrieve credentials with the highest level of privileges through native integration with PowerBroker Password Safe on each scan target when multiple scan credentials are provided. Using Password Safe in conjunction with Retina eliminates the concern of internally sharing highly-privileged credentials, or having static, never-changing, scan credentials.
Make Better Privilege Decisions with Vulnerability Insights
Leverage patented technology to automatically scan applications for vulnerabilities at run time to better inform IT and security teams on privileged access, enforce quarantine, reduce application privileges, or prevent the launch of applications altogether based on policy.
Common Criteria Certified
Common Criteria is an internationally recognized set of guidelines created to insure a high and consistent standard for evaluating information security products. You can have confidence in the security of the products that have earned this certification through extensive independent lab evaluations, and avoid the cost and complexity of additional testing. Retina CS has earned Common Criteria Certification under an Evaluation Assurance Level (EAL)2+.
THE BEST VULNERABILITY MANAGEMENT REPORTING
Intelligent Analytics: Run what-if scenarios and team capacity analyses to inform resource allocation decisions.
Interactive Results: Home in on data pertaining to a specific audience or goal.
260+ Actionable Reports: Communicate with technical and non-technical audiences.
Compliance Reporting: Map vulnerability and configuration audits to COBIT, GLBA, HIPAA, HITRUST, ISO-27002, ITIL, MASS 201, NERC-FERC, NIST, PCI, SOX and more (optional).
Advanced Threat Intelligence: Gauge severity based on asset scoring, BeyondTrust malware & exploit research, NSRL, exploit databases, CVSS v2 & v3, CWE and more.
Trending, Deltas, Threat Analyzers and Heat Maps: Share vulnerability management progress with executives, compliance auditors and others.
Configuration Benchmarking: Scan against benchmarks including DISA Gold Disk, SCAP, NIST, FDCC, USGCB, CIS and Microsoft®; customize images to match in-house policies; CIS Security Benchmark certified (optional).
SLA Compliance Reports: Measure threat severity level against dynamic asset groupings.
Pivot Grid Ad-Hoc Reporting: Meet unique business requirements by creating customized reports using virtually any data collected by Retina.
Third-Party Integration: Share data with SIEM, GRC, NMS and help desk solutions.
VULNERABILITY MANAGEMENT CAPABILITIES THAT GO BEYOND SCANNING
Comprehensive Discovery: Locate known and previously unknown assets across network (local and remote), web, mobile, cloud and virtual environments.
Asset Profiling: Gather information including IP, DNS, OS, MAC address, ports, services, software, processes, hardware, event logs and more.
Asset Smart Groups: Group, assess, and report on assets by IP range, naming convention, operating system, domain, applications, business function, Active Directory and more.
Asset Context Awareness: Evaluate Smart Group value & risk based on collateral damage potential or target distribution, plus confidentiality, integrity and availability requirements.
Customizable Asset Risk: Weigh asset risks based on threat risk or exposure risk, and then apply a scale of 1-10 to prioritize remediation.
Cloud Scanning: Discover and scan online and offline Amazon®, GoGrid®, IBM®, Rackspace® and VMware® environments.
Patch Management: Remediate vulnerabilities with onboard patch management for Microsoft WSUS and SCCM for Microsoft and third-party applications (optional).
Unmatched Reporting: Tap into the included BeyondInsight central data warehouse for targeted reports.
User Risk Discovery: Map vulnerability management data to privileged account management data (from BeyondTrust PowerBroker solutions) to reveal user-triggered risks.
Scheduling and Alerts: Schedule assessments and configure email alerts.
ENTERPRISE VULNERABILITY MANAGEMENT FOR LARGE ENVIRONMENTS
Flexible Deployment: Deploy software, appliances and/or virtual machines.
N-Tier, Multitenant Architecture: Ensure maximum scalability & gain centralized control.
Scalable Scan Engines: Each Retina scan engine can singlehandedly cover a Class-A network.
Credential Management: Retina CS automatically selects the credentials with the highest level of privileges on each scan target when multiple credentials are provided.
Retina Protection Agent: Local assessment, continuous zero-day monitoring, and intrusion prevention for offline devices.
Role-Based Access: Provide permissioned access to view, assess and report on data.
Centralized Dashboards: Consolidate and report on enterprise-wide activities.
Scanner Pooling: Direct multiple scanners to collaboratively assess large environments.
Integrated Data Warehouse: Sort and filter historical data to gain multiple perspectives.
Modern User Interface: Interact seamlessly with massive amounts of data.
Local and Remote Scanning: Cover segregated, firewalled and disparate infrastructure.
Effortless Updates and Upgrades: Expand capabilities through license key updates.
Retina Host Security Scanner: Very Fast and highly accurate host-based scanning of cloud, virtual and remote platforms.
Internet of Things Scanning: Identify at-risk IoT devices, such as IP cameras, DVRs, printers, routers, and more. Download free Retina IoT scanner.
Enterprise Vulnerability Management with Retina CS
1 "What's on My Network?"
Today’s IT infrastructures are complex, with a mix of in-house physical and virtual systems, cloud-based environments, BYOD and a honeypot of networks derived from mergers and acquisitions. You may not know what is actually plugged into your networks and where the risks are. With agentless and optional agent technology, Retina CS can discover and assess all enterprise assets regardless of network complexity or device type.
2 No More Massive Reports
Vulnerability reports can be overwhelming. Retina CS delivers unmatched reporting and analytics to help organizations quickly understand their risk and properly prioritize remediation efforts. The solution also includes BeyondInsight threat analytics capabilities that help identify anomalies associated with security risks, often buried and missed, within large volumes of scan data.
3 Prioritize Remediation
Any vulnerability management tool can scan and produce a data dump of found vulnerabilities. Few extend beyond that silo to correlate vulnerable applications to those that are actually being used, on what systems and by what users. BeyondTrust provides this additional value, enabling organizations to focus their remediation efforts on applications that pose a higher risk as they are actively being used vs. those that may be part of a standard company image but seldom or never used.
4 Make Auditors Happy
Retina CS helps organizations identify, assess and manage IT risks associated with PCI, HIPPA, SOX, GLBA and several other compliance mandates. The solution makes it simple to demonstrate compliance via enumerated data mapping and automated report generation. Retina CS also provides compliance-driven dashboards to make it easy to respond to compliance violations.