Retina Network
Vulnerability Scanner

Retina Network Security Scanner is the security industry’s most respected and validated vulnerability assessment tool. It also serves as the scan engine for Retina CS Enterprise Vulnerability Management.

Find Vulnerabilities Across Network, Web, Virtual and Database Environments

With over 10,000 deployments since 1998, BeyondTrust Retina Network Security Scanner is the most sophisticated vulnerability assessment solution on the market. Available as a standalone application or as part of Retina CS Enterprise Vulnerability Management, Retina Security Scanner enables you to efficiently identify IT exposures and prioritize remediation enterprise-wide.

  • Continually monitor and improve enterprise security posture
  • Identify IT assets and sensitive data across disparate environments
  • Find security exposures in network, web, database and virtual assets
  • Prioritize remediation based on real risk to critical assets
  • Easily deploy and scale from small to large environments
  • Realize optimal performance via non-intrusive scanning
  • Get fast, frequent updates from the BeyondTrust Research Team
Fast and Non-Intrusive Vulnerability Scanning

Fast and Non-Intrusive Vulnerability Scanning

Retina Network Security Scanner optimizes network performance and scan network devices, operating systems, applications, and databases, without impacting availability or performance.

Flexible and Scalable Vulnerability Assessment

Flexible and Scalable Vulnerability Assessment

Retina can be deployed as a standalone vulnerability scanner, distributed throughout an environment, and integrated with Retina CS for enterprise deployments.

The Most Comprehensive Vulnerability Database

The Most Comprehensive Vulnerability Database

The Retina vulnerability database is continually updated by the renowned BeyondTrust Research Team, allowing you to stay on top of the most current threats.

Flexible Licensing; Unlimited IPs

Flexible Licensing; Unlimited IPs

Retina licensing is flexible to cost-effectively meet your specific vulnerability assessment needs. A full-featured, unlimited IP, unlimited user version is available for one low price.


Discover all network (local and remote), web and virtual assets in your environment.

Reveal at-risk personally identifiable information (PII) and other sensitive data.

Identify system, application, database, OS and web application vulnerabilities via agent-based and/or agentless scanning.

Assess risk and prioritize remediation based on exploitability (from Core Impact®, Metasploit®, Exploit-db), CVSS, & other factors.

Confirm exploitability through penetration testing, with one click to the open-source Metasploit Framework

Audit personally Identifiable Information (PII) on remote targets.

Report progress and results to colleagues in management, compliance, audit, risk and other roles.

Analyze threats and gain deeper security intelligence by upgrading to Retina CS Enterprise Vulnerability Management.

Share data with popular solutions for SIEM, GRC and other security management platforms.


Assess network devices, operating systems, applications, ports and services against a vast, constantly updated vulnerability database

Accurately identify vulnerabilities with a false positive rate below 1%

Perform Class C network scans in under 15 minutes on average

Leverage ICMP, registry, NetBIOS, and the Nmap signature database, as well as proprietary OS fingerprinting capabilities

Audit Windows devices using local or domain credentials

Perform local assessments of Cisco®, Linux, Unix® and other devices via SSH tunneling

Adjust scans for custom machine configurations, ports and applications via automated input/output data reconciliation on each port

Support SCAP-compliant, continuous vulnerability and configuration monitoring per DIACAP, FISMA, STIG, FDCC and USGCB guidelines

Get PCI DSS scanning and reporting capabilities out of the box


Conduct automated vulnerability assessment and web crawling with no scripting required

Detect OWASP Top Ten vulnerabilities including SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, OS Command Injection and more

Fully integrated into the Retina assessment engine

» Compare web application assessment capabilities across the Retina family of solutions.


Scan Oracle®, Microsoft SQL Server® and MySQL databases for security exposures


Conduct VMware vCenter® scans with detailed risk intelligence for ESXi and virtual machines

Scan online & offline virtual images, plus virtualized application templates (ThinApp® packages)

Schedule scans to automatically update the vCenter console with centralized compliance and risk information

Stay updated on new vulnerabilities that could impact the hyper-visor and virtual machines