The Retina Difference: Customers Speak

About this White Paper

Differentiator #1: Visibility and Reporting to Prioritize Remediation

Security administrators today are inundated with data – recommended patches, vulnerabilities, risk scores, and more – with very little tangible guidance on what to do with that data. Often lacking is actionable information – beyond just the data – to help prioritize what to focus on first. This lack of context puts security administrators in a difficult position. How do you ensure you’ve protected your enterprise without spending hours poring over vulnerability reports? Prioritization is the key to helping IT teams deliver protection that scales.

In a survey of more than 90 customers, those customers indicated that the visibility and reporting that Retina provided helped to prioritize remediation.

This differentiator was important to Genscape, Inc., the leading global provider of real-time data and intelligence for commodity and energy markets. Genscape was looking to:

  • Gain visibility into exposures across multiple layers of infrastructure
  • Profile previously unknown assets on the network
  • Understand the operational implications of vulnerabilities
  • Report risk to IT administrators, management and/or auditors
  • Identify and prioritizing remediation tactics
  • Patch / update assets with greater efficiency

After looking at competitive solutions, including Rapid7 and Tenable, they turned to BeyondTrust. In the words of Mike Sartuche, Director of Security and Network Infrastructure, “BeyondTrust has allowed us to identify assets that are vulnerable to the latest threats as soon as they hit like POODLE, Heartbleed, and others. It allows us to prioritize the remediation process and the reporting is top notch.”

Retina CS delivers deep analytics and reporting to multiple stakeholders, ensuring that all teams have the information and views they need to effectively manage application and asset risk. A dashboard interface simplifies reporting, helping teams indicate the type of information needed.

Need more evidence? Check out the Retina CS report summary.

Differentiator #2: Increased Vulnerability Management Efficiency

In vulnerability management, efficiency is measured by rates of detection, rates of false positives, and rates of remediation. IT teams gauge a vulnerability management solution’s efficiency by whether it helps them quickly find and remediate the most critical instances.

In a survey of more than 80 customers, those customers indicated that the vulnerability management efficiency increases gained by using BeyondTrust Retina were a competitive differentiator. This differentiator was important to BMC, the global software solutions company, who was looking to:

  • Reduce the risk of security breaches
  • Shrink the attack surface
  • Reduce security data overload
  • Meet compliance regulations
  • Tighten operational practices
  • Integrate with other solutions

BMC chose BeyondTrust Retina CS over McAfee, Qualys and Tripwire (Belden). In the words of Saurabh Verma, Security Officer, “BeyondTrust Retina has made our security lives pretty comfortable as it’s a one stop solution for us as we scan, detect, and patch vulnerabilities effortlessly. Kudos to BeyondTrust Retina.”

Retina CS addresses every phase of the vulnerability management lifecycle – from assessment to remediation – eliminating the need for multiple, sometimes overlapping, solutions to address vulnerability management risks. All BeyondTrust vulnerability management solutions are included in the BeyondInsight IT Risk Management platform for unified reporting, analytics, policy and management across the environment. This approach delivers efficiency and cost savings.

Need more evidence? Check out the sample vulnerability management policy to help guide the maturity of your vulnerability management program.

Differentiator #3: Enterprise Scalability

IT organizations must conduct scans across dispersed, heterogeneous environments with maximum performance and minimum service interruption. To achieve that objective, their vulnerability management solutions must be architected for anything from simple deployment to management of networks with multiple firewalls, IDS/IPS, VLANS and disparate locations. BeyondTrust Retina CS delivers on this customer requirement.

In a survey of more than 100 customers, those customers indicated that BeyondTrust’s enterprise scalability was a competitive differentiator versus other options in the vulnerability management market. As evidence, take a look at the quote from a system administrator from a Large Enterprise Security Products and Services Company below.

This differentiator was also important to Standard Bank of South Africa, one of South Africa’s largest financial institutions, who was looking to:

  • Gain visibility into exposures across multiple layers of infrastructure
  • Profile previously unknown assets on the network
  • Report risk to IT administrators, management and auditors
  • Identify and prioritize remediation tactics

After evaluating McAfee, Qualys and Tenable, they chose BeyondTrust Retina CS. In the words of Andrew De Lange, Engineer, “The drive for more efficient patch management has increased tenfold since our implementation. We are the trusted source the company looks to for all kinds of data collected in our scans, not just vulnerabilities.”

The Retina CS console provides a centralized management, reporting and analytics solution across the enterprise’s assets and endpoints. Retina CS includes Smart Rules to logically group, alert, report, assess, and govern under role based application control (RBAC). Additionally, Retina CS can create a compliance scorecard, present risk ratings, and create reports on benchmarks and deviations. Targeted reports are available for audiences ranging from security and IT administrators to executives and compliance auditors.

You just can’t match this level of enterprise scalability anywhere in the industry. To learn more, check out the Retina CS product review conducted by Frost & Sullivan.

Differentiator #4: Zero-Gap Coverage

IT organizations understand that one of the simplest ways to maintain a strong security posture is to ensure coverage of the IT infrastructure – no virtual machine, database, server or application can exist on the network without vulnerability management coverage – no gaps allowed. However, without the right solution, it’s becoming increasingly difficult for IT organizations to put a zero-gap policy into practice. As enterprises grow, so does its IT infrastructure complexity. It only takes the exploitation of one asset’s vulnerability to compromise a network.

In a survey of more than 80 customers, the overwhelming majority of those customers indicated that BeyondTrust Retina CS reduced their security exposure by up to 25%. Customers indicated that Retina’s zero-gap platform coverage was a competitive differentiator versus other options in the vulnerability management market.

This differentiator was important to VCU Health System, a leading research hospital and medical center in Virginia, who was looking to:

  • Scan remote assets or other offline/air-gapped systems
  • Profile previously unknown assets on the network
  • Understand the operational implications of vulnerabilities
  • Report risk to IT administrators, management and auditors
  • Identify and prioritize remediation tactics
  • Patch/Update assets with greater efficiency

After evaluating McAfee and Rapid7, VCU Health chose Retina CS. In the words of Peter Ring, systems administrator, “Retina has given us a security view we had never had. We use it extensively on all of our servers, both in the DMZ and internal. We also use it on any external servers we are responsible for.”

Retina CS provides zero-gap coverage, discovering and assessing any IT resource in the organization including network, web, mobile, cloud and virtual infrastructures. Having this zero-gap coverage reduces risk by ensuring that no assets are left unprotected.

Need more evidence? Check out the Retina CS’s platform coverage, including network vulnerability assessments, cloud vulnerability assessments, virtual environment scanning, web application vulnerability assessments, and mobile device scanning.

document