New Feature Highlights – BeyondInsight 6.4.4

New Single Sign-On for BeyondInsight, Analytics & Reporting, and PowerBroker Password Safe Simplifies Authentication

With its new single-sign on page, administrators now only need to authenticate once into BeyondInsight. Based on their role-based access, administrators can now navigate to all areas of the solution after the single authentication. This enhancement simplifies administration.

New Dashboard and Navigation Menu Improves Ease of Use

BeyondInsight version 6.4.4 features a new HTML5 dashboard that enables administrators to easily and quickly access the most important areas of BeyondInsight. The items on the dashboard are unique to each user’s role-based access, and enable a user to quickly perform discovery scans, set policy or check out a password. The new dashboard also provides quick access to view assets or generate reports. Please see the screenshot below for a representation of this new dashboard. BeyondInsight 6.4 also features a new HTML5 navigation menu that includes an always-present fly-out menu. This new menu enables the user with quick access to all the major areas of the solution. See the screenshot below. Each of these new enhancements improve the usability of BeyondInsight.

Analytics & Reporting Enhancements

BeyondInsight 6.4.4 features several reporting enhancements meant to get administrators the analytics they need to make the most informed risk-based decisions, including:

  • New Authentication Alert Summary report
  • New Authentication Alert by Smart Group
  • New PowerBroker for Windows Events by User and Rule report
  • Pivot Grid enhancements:
    • Optionally enable and export charts
    • Pivot on data (swap rows/columns)
    • New collapsible filters
  • Clarity enhancement: New Clarity PowerBroker Password Safe User Clustering

Additional Platform Enhancements

  • CVSS v3 Support: BeyondInsight 6.4.4 adds support for version 3 of the Common Vulnerability Scoring System (CVSS v3). BeyondInsight will now provide both CVSS v2 and CVSS v3 results – giving users a clearer and more consistent scoring system.
  • Added Support for Windows Server 2016: BeyondInsight can now be installed on Windows Server 2016.

In addition to new platform features and enhancements, some of the individual solutions that plug in to BeyondInsight have also been enhanced.

Retina: Authentication Alerts Ensure Thorough Scanning

To achieve a thorough vulnerability scan organizations must use privileged credentials. Unfortunately, it isn’t always evident if the credentialed scans being performed have the necessary privilege on each system being scanned. BeyondInsight’s new Authentication Alerts capability will now show in detail the privilege obtained by the scanner when scanning each asset. These new Authentication Alerts can be viewed in the Asset Grid as well as via two new reports: Authentication Alert Summary and Authentication Alert by Smart Group. See the screenshot below. This new capability will enable users to focus on targets where scanning credentials had less than administrator privileges or had no access at all, thus ensuring that thorough scans are performed.

Retina: Centrally-Managed Web Application Scanning

Earlier in 2017, with the release of Retina Network Security Scanner version 6.3, BeyondTrust announced its new web application scanning capabilities. Now, BeyondInsight 6.4.4 has been enhanced to allow for the centralized management of Retina’s web application scanning capabilities. This release includes two key features: Web application scan management control and web assessment reporting. These new capabilities ensure that scanning can be centrally managed, and that administrators can take action on results faster.

PowerBroker for Mac: User-Based Rules and Policy Ensure Consistent Security

In BeyondInsight, Central Policy enables customers to manage their PowerBroker for Mac rule set. Until now, this mode only allowed for targeting assets/computers. With version 6.4, however, by following and targeting policy to a user, in addition to machine-based policy, on whatever PowerBroker for Mac managed device users log in to, companies can better ensure a consistent security model and user experience throughout their networks.

PowerBroker Password Safe: BeyondInsight Integration

BeyondInsight offers the option to integrate with Active Directory. The integration can facilitate authentication into BeyondInsight via an AD account and also provides the ability for BeyondInsight to query AD groups (computers) for scan targets for discovery and assessment. Depending on how BeyondInsight is deployed, this integration could require the BeyondInsight administrator to give BeyondInsight credentials to properly communicate with AD. With BeyondInsight 6.4.4 administrators can now select a PowerBroker Password Safe on-boarded account to complete this integration. As a result, PowerBroker Password Safe has ownership of the account, its password can be reset with any frequency, and the connection between AD and BeyondInsight is never interrupted due to the integration between BeyondInsight and PowerBroker Password Safe.