Analytics
1/29/2014
10:39 AM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

BeyondInsight Provides Collaborative Approach To IT Risk Management

BeyondInsight provides a common dashboard interface for multiple BeyondTrust solutions

PHOENIX, January 29, 2014 – BeyondTrust®, the security industry's only provider of Context-Aware Security Intelligence, today announced the release of BeyondInsight&trade, a new IT risk management platform that unifies two foundational security methodologies: Privileged Account Management and Vulnerability Management. BeyondInsight provides a common dashboard interface for multiple BeyondTrust solutions, offering centralized asset discovery, reporting, analytics, and other platform capabilities that enable unprecedented synchronization and collaboration between IT and Security operations. By correlating privilege, access and vulnerability data, the BeyondInsight platform provides a clearer, more-informed picture of enterprise risk.

"Large-scale data breaches often begin with an attacker exploiting a single external vulnerability on a low-level system, and then capitalizing on privileges to gain access to critical systems and data," said Marc Maiffret, CTO at BeyondTrust. "BeyondInsight delivers a comprehensive view of the vulnerabilities that provide doors into an environment, as well as the privileges that present corridors to sensitive assets. With BeyondInsight, security teams will benefit from being able to correlate vulnerability information with user activity, while IT gains a clearer view of how privilege policies impact overall security. This fusion of asset and user intelligence enables IT and security to collectively reduce risk across complex environments."

The BeyondInsight IT Risk Management Platform is an integrated suite of software solutions used by IT professionals and security experts to collaboratively:

Reduce user-based risk and mitigate threats to information assets

Address security exposures across large, diverse IT environments

Comply with internal, industry and government mandates

Provide synergy and collaboration for multiple teams from operations to security

With BeyondInsight, security and IT professionals can jointly keep track of assets, assess risk, ensure compliance, and communicate progress throughout the organization. In addition to providing granular, role-based access to specific vulnerability and privilege management capabilities, BeyondInsight offers centralized asset discovery, asset profiling, management, reporting, and analytics capabilities. All results and data are stored in a central data warehouse and leveraged to inform future vulnerability and privilege management activities.

"As the threat landscape evolves, prioritizing and remediating vulnerabilities continues to be a challenge faced by most organizations," said Javvad Malik, Senior Analyst, Enterprise Security Practice, 451 Research. "Attackers routinely seek to obtain privilege accounts, therefore, combining both privilege and vulnerability management into one platform, as BeyondTrust has done, can help organizations make better-informed risk decisions."

Users can configure BeyondInsight for privileged account management, vulnerability management, or both, with a variety of BeyondTrust PowerBroker® and Retina software solutions. The solutions can be used in conjunction with one another, and all are integrated for maximum data sharing and operational efficiency.

Utilizing BeyondTrust's PowerBroker solutions, IT professionals can easily enforce least-privilege best practices and provide the access employees need to perform their jobs safely, without obstructing IT or end-user productivity. BeyondInsight's Retina CS Enterprise Vulnerability Management capabilities provide security teams with context-aware vulnerability assessment and risk analysis. Retina's results-driven architecture enables security professionals to proactively identify exposures, analyze business impact, and plan and conduct remediation across network, web, mobile, cloud and virtual infrastructure.

"Recent attacks against prominent financial services institutions, retailers and government agencies have demonstrated that the threat environment has profoundly changed," said Mark Kraska, Vice President of Engineering and Director of Compliance at eHealth Technologies, Inc. "With BeyondInsight, we'll be able to not only manage privileges and reveal vulnerabilities, but also gain insights into how privileges and vulnerabilities interconnect and impact our overall security posture in the context of our most important business priorities. This will allow us to see and manage risk like never before."

BeyondTrust is an industry leader in vulnerability management and privileged account management with nearly two decades of experience helping sophisticated organizations protect themselves from cyber-attacks. For more information on the company, or BeyondInsight, please visit: http://www.beyondtrust.com/.

About BeyondTrust

BeyondTrust is the only security solution vendor providing Context-Aware Security Intelligence, giving customers the visibility and controls necessary to reduce their IT security risks, while at the same time simplifying their compliance reporting.

BeyondTrust offers consistent policy-driven vulnerability and privilege management, role-based access control, monitoring, logging, auditing and reporting to protect internal assets from the inside out. The company's products empower IT governance to strengthen security, improve productivity, drive compliance, and reduce expense across physical, virtual, mobile and cloud environments.

With more than 25 years of global success, BeyondTrust is the pioneer of both Vulnerability Management and Privileged Account Management solutions for heterogeneous IT environments. More than half of the companies listed on the Dow Jones Industrial Average rely on BeyondTrust to secure their enterprises. Customers include eight of the world's 10 largest banks, eight of the world's 10 largest aerospace and defense firms, and 7 of the 10 largest U.S. pharmaceutical companies, as well as renowned universities across the globe.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2886
Published: 2014-09-18
GKSu 2.0.2, when sudo-mode is not enabled, uses " (double quote) characters in a gksu-run-helper argument, which allows attackers to execute arbitrary commands in certain situations involving an untrusted substring within this argument, as demonstrated by an untrusted filename encountered during ins...

CVE-2014-4352
Published: 2014-09-18
Address Book in Apple iOS before 8 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.

CVE-2014-4353
Published: 2014-09-18
Race condition in iMessage in Apple iOS before 8 allows attackers to obtain sensitive information by leveraging the presence of an attachment after the deletion of its parent (1) iMessage or (2) MMS.

CVE-2014-4354
Published: 2014-09-18
Apple iOS before 8 enables Bluetooth during all upgrade actions, which makes it easier for remote attackers to bypass intended access restrictions via a Bluetooth session.

CVE-2014-4356
Published: 2014-09-18
Apple iOS before 8 does not follow the intended configuration setting for text-message preview on the lock screen, which allows physically proximate attackers to obtain sensitive information by reading this screen.

Best of the Web
Dark Reading Radio