The Buyer's Guide for Complete Privileged Access Management (PAM) is the most thorough tool for holistically assessing your privileged access security needs and mapping them to modern privilege management solutions.
This release is available by download from the BeyondTrust Client Portal (https://www.beyondtrust.com/support/) and using the BeyondTrust Auto-Updater.
The MD5 signature is: 2355c36b365c08c7eaca503078ffc3c7
The SHA-1 signature is: e8dfbe66cb38f222bb678df244228d84857707a9
New Features and Enhancements:
Support for the following Security Technical Implementation Guide (STIG) benchmark:
Red Hat Enterprise Linux 7 STIG Benchmark - Ver 2, Rel 2
Support for the following Center for Internet Security (CIS) SCAP benchmarks:
CIS Benchmark for Oracle Database 9i/10g v2.0.1
CIS Benchmark for Oracle Database 11g v1.0.1
CIS Benchmark for Oracle Database 11g R2 v2.2.0
CIS Benchmark for Oracle Database 12c v2.1.0
Ability to scan running Windows-based Docker containers.
Improved synthetic IP assignment when scanning Docker images and containers.
Enhanced details of port related processes when scanning Docker containers.
Obtain the IP addresses of foreign connections when scanning Docker containers.
Enumerate processes in Docker container scans.
Provide details about forwarded ports when scanning Docker containers.
Perform Authenticode verification of binaries run during Docker container scanning.
Properties can be viewed for completed and scheduled scans by right-clicking on the jobs grid.
Web Assessment report has been updated to OWASP 2017.
Improved ability to perform credential scans of IoT devices.
Improved Linux/Unix user enumeration.
Added SSH based OS detection for VMware vCenter.
Enhanced the authentication alerts for Cisco devices.
Support for audit 74023 ("Microsoft RDP BlueKeep Vulnerability").
Alert if the number of users enumerated on a target exceeds the job limit.
Added support for sudo elevation without a password.
Allow for sudo passwords greater than 128 bytes in length.
Enumeration dependency popup is no longer required or displayed when running a scan job.
Adjusted default central policy v2 interval to 30 minutes.
Web application scanning support for login pattern matching within frames.
Improved web application scanning cookie handling.
Support for routing web application scanning traffic through a web proxy.
Access report includes targets which failed to scan.
Option to include database discovery results in XML Assessment report.
Improved primary IP address reporting to the management console.
Prefix filename with "Error-" when an XML Assessment report fails to completely generate.
Rebranded "BeyondTrust Security Scanner Agent" to "Local Scan Service".
Improved performance of CHECK_FILE_VER_RECUR audits by removing redundant directory checks.
Improved the presentation of the tested and found values for certain Windows Registry audits.
Include TCP/53 in the default discovery port list.
PuTTY component upgraded to include security fixes through .71.
SQLite component upgraded to v3.29.0.
Python component upgraded to v2.7.16.
OpenSSL component upgraded to v1.1.1.
Microsoft Visual C++ 2017 x86 runtime upgraded to v14.22.27281.
Update TCP (NMAP) OS fingerprint database to version 37702.
Licensing component upgraded to v3.7.1.
Resolved an issue where the address group dialog can exceed the screen size.
Resolved an issue with being unable to save web application scan results to a PDF file.
Resolved an issue with audit false positives related to Apache on Ubuntu.
Resolved an issue with DHCP status on *nix targets always reporting as false.
Resolved an issue with the configuration tool failing to set central policy password if the scanner engine service isn't running.
Resolved an issue with audit false positives related to Windows Defender.
Resolved an issue with audit false positives related to Microsoft Office and Visual Studio components.
Resolved an issue with redundant data returned in discovered IP enumeration.
Resolved an issue with scan results not purged when recovering from an error.
Resolved an issue with user enumeration results being included in scan results even when enumeration option is disabled.
Resolved an issue with software enumeration results being included in scan results even when enumeration option is disabled.
Resolved an issue with process enumeration results being included in scan results even when enumeration option is disabled.
Resolved an issue with Local Scan Service having no limit on number of exception files created.
VMware offline scanning is supported only for virtual machines with Windows installed as the guest operating system.
For Vulnerability Management (formerly Retina) 651 and UVM embedded scanners, database scanning works only for Microsoft SQL Server and Oracle databases. MySQL database scanning is not supported.
Authentication requirements for custom audits are not properly defined.
After the Engine service has stopped, the raw packet driver continues to run.
When using the Local Scan Service option, SCAP scan jobs running against Red Hat targets could take several minutes to enter a paused or scan-restricted state.
Features that use the Microsoft .NET framework - including SCAP support, the audit modification and customization dialogs, PowerShell integration, reporting, and the guided user interface - require Microsoft .NET 4.5.2 or higher.
Network Security Scanner 6.4.0 and higher install the Microsoft Universal C runtime.
Network Security Scanner 6.4.0 and higher install the Microsoft Visual C++ 2017 x86 runtimes.
Network Security Scanner 6.0.1 and higher install the Microsoft Visual C++ 2008 x86 runtimes.
To scan offline VMware virtual machines without having to power them on prior to scanning, you must have BeyondInsight installed.
VMware offline scanning requires VMware's Virtual Disk Development Kit (VDDK). Please see KB001042 for directions for obtaining and installing the VMware VDDK (http://kb.beyondtrust.com/home/viewkb/KB001042).
Scanning of MySQL databases depends upon the prior installation of an ODBC driver; Connector/ODBC 5.1 or higher is recommended.
Database scanning will yield the best results with the most powerful users; for MySQL, this will be the 'root' user; for Oracle, it will be the 'sys' user acting 'AS SYSDBA'.
Scanning of Amazon Web Services instances requires BeyondInsight.