Analytics
1/29/2014
10:39 AM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

BeyondInsight Provides Collaborative Approach To IT Risk Management

BeyondInsight provides a common dashboard interface for multiple BeyondTrust solutions

PHOENIX, January 29, 2014 – BeyondTrust®, the security industry's only provider of Context-Aware Security Intelligence, today announced the release of BeyondInsight&trade, a new IT risk management platform that unifies two foundational security methodologies: Privileged Account Management and Vulnerability Management. BeyondInsight provides a common dashboard interface for multiple BeyondTrust solutions, offering centralized asset discovery, reporting, analytics, and other platform capabilities that enable unprecedented synchronization and collaboration between IT and Security operations. By correlating privilege, access and vulnerability data, the BeyondInsight platform provides a clearer, more-informed picture of enterprise risk.

"Large-scale data breaches often begin with an attacker exploiting a single external vulnerability on a low-level system, and then capitalizing on privileges to gain access to critical systems and data," said Marc Maiffret, CTO at BeyondTrust. "BeyondInsight delivers a comprehensive view of the vulnerabilities that provide doors into an environment, as well as the privileges that present corridors to sensitive assets. With BeyondInsight, security teams will benefit from being able to correlate vulnerability information with user activity, while IT gains a clearer view of how privilege policies impact overall security. This fusion of asset and user intelligence enables IT and security to collectively reduce risk across complex environments."

The BeyondInsight IT Risk Management Platform is an integrated suite of software solutions used by IT professionals and security experts to collaboratively:

Reduce user-based risk and mitigate threats to information assets

Address security exposures across large, diverse IT environments

Comply with internal, industry and government mandates

Provide synergy and collaboration for multiple teams from operations to security

With BeyondInsight, security and IT professionals can jointly keep track of assets, assess risk, ensure compliance, and communicate progress throughout the organization. In addition to providing granular, role-based access to specific vulnerability and privilege management capabilities, BeyondInsight offers centralized asset discovery, asset profiling, management, reporting, and analytics capabilities. All results and data are stored in a central data warehouse and leveraged to inform future vulnerability and privilege management activities.

"As the threat landscape evolves, prioritizing and remediating vulnerabilities continues to be a challenge faced by most organizations," said Javvad Malik, Senior Analyst, Enterprise Security Practice, 451 Research. "Attackers routinely seek to obtain privilege accounts, therefore, combining both privilege and vulnerability management into one platform, as BeyondTrust has done, can help organizations make better-informed risk decisions."

Users can configure BeyondInsight for privileged account management, vulnerability management, or both, with a variety of BeyondTrust PowerBroker® and Retina software solutions. The solutions can be used in conjunction with one another, and all are integrated for maximum data sharing and operational efficiency.

Utilizing BeyondTrust's PowerBroker solutions, IT professionals can easily enforce least-privilege best practices and provide the access employees need to perform their jobs safely, without obstructing IT or end-user productivity. BeyondInsight's Retina CS Enterprise Vulnerability Management capabilities provide security teams with context-aware vulnerability assessment and risk analysis. Retina's results-driven architecture enables security professionals to proactively identify exposures, analyze business impact, and plan and conduct remediation across network, web, mobile, cloud and virtual infrastructure.

"Recent attacks against prominent financial services institutions, retailers and government agencies have demonstrated that the threat environment has profoundly changed," said Mark Kraska, Vice President of Engineering and Director of Compliance at eHealth Technologies, Inc. "With BeyondInsight, we'll be able to not only manage privileges and reveal vulnerabilities, but also gain insights into how privileges and vulnerabilities interconnect and impact our overall security posture in the context of our most important business priorities. This will allow us to see and manage risk like never before."

BeyondTrust is an industry leader in vulnerability management and privileged account management with nearly two decades of experience helping sophisticated organizations protect themselves from cyber-attacks. For more information on the company, or BeyondInsight, please visit: http://www.beyondtrust.com/.

About BeyondTrust

BeyondTrust is the only security solution vendor providing Context-Aware Security Intelligence, giving customers the visibility and controls necessary to reduce their IT security risks, while at the same time simplifying their compliance reporting.

BeyondTrust offers consistent policy-driven vulnerability and privilege management, role-based access control, monitoring, logging, auditing and reporting to protect internal assets from the inside out. The company's products empower IT governance to strengthen security, improve productivity, drive compliance, and reduce expense across physical, virtual, mobile and cloud environments.

With more than 25 years of global success, BeyondTrust is the pioneer of both Vulnerability Management and Privileged Account Management solutions for heterogeneous IT environments. More than half of the companies listed on the Dow Jones Industrial Average rely on BeyondTrust to secure their enterprises. Customers include eight of the world's 10 largest banks, eight of the world's 10 largest aerospace and defense firms, and 7 of the 10 largest U.S. pharmaceutical companies, as well as renowned universities across the globe.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-0360
Published: 2014-04-23
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.

CVE-2012-1317
Published: 2014-04-23
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.

CVE-2012-1366
Published: 2014-04-23
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.

CVE-2012-3062
Published: 2014-04-23
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193.

CVE-2012-3918
Published: 2014-04-23
Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317.

Best of the Web