Analytics
1/29/2014
10:39 AM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

BeyondInsight Provides Collaborative Approach To IT Risk Management

BeyondInsight provides a common dashboard interface for multiple BeyondTrust solutions

PHOENIX, January 29, 2014 – BeyondTrust®, the security industry's only provider of Context-Aware Security Intelligence, today announced the release of BeyondInsight&trade, a new IT risk management platform that unifies two foundational security methodologies: Privileged Account Management and Vulnerability Management. BeyondInsight provides a common dashboard interface for multiple BeyondTrust solutions, offering centralized asset discovery, reporting, analytics, and other platform capabilities that enable unprecedented synchronization and collaboration between IT and Security operations. By correlating privilege, access and vulnerability data, the BeyondInsight platform provides a clearer, more-informed picture of enterprise risk.

"Large-scale data breaches often begin with an attacker exploiting a single external vulnerability on a low-level system, and then capitalizing on privileges to gain access to critical systems and data," said Marc Maiffret, CTO at BeyondTrust. "BeyondInsight delivers a comprehensive view of the vulnerabilities that provide doors into an environment, as well as the privileges that present corridors to sensitive assets. With BeyondInsight, security teams will benefit from being able to correlate vulnerability information with user activity, while IT gains a clearer view of how privilege policies impact overall security. This fusion of asset and user intelligence enables IT and security to collectively reduce risk across complex environments."

The BeyondInsight IT Risk Management Platform is an integrated suite of software solutions used by IT professionals and security experts to collaboratively:

Reduce user-based risk and mitigate threats to information assets

Address security exposures across large, diverse IT environments

Comply with internal, industry and government mandates

Provide synergy and collaboration for multiple teams from operations to security

With BeyondInsight, security and IT professionals can jointly keep track of assets, assess risk, ensure compliance, and communicate progress throughout the organization. In addition to providing granular, role-based access to specific vulnerability and privilege management capabilities, BeyondInsight offers centralized asset discovery, asset profiling, management, reporting, and analytics capabilities. All results and data are stored in a central data warehouse and leveraged to inform future vulnerability and privilege management activities.

"As the threat landscape evolves, prioritizing and remediating vulnerabilities continues to be a challenge faced by most organizations," said Javvad Malik, Senior Analyst, Enterprise Security Practice, 451 Research. "Attackers routinely seek to obtain privilege accounts, therefore, combining both privilege and vulnerability management into one platform, as BeyondTrust has done, can help organizations make better-informed risk decisions."

Users can configure BeyondInsight for privileged account management, vulnerability management, or both, with a variety of BeyondTrust PowerBroker® and Retina software solutions. The solutions can be used in conjunction with one another, and all are integrated for maximum data sharing and operational efficiency.

Utilizing BeyondTrust's PowerBroker solutions, IT professionals can easily enforce least-privilege best practices and provide the access employees need to perform their jobs safely, without obstructing IT or end-user productivity. BeyondInsight's Retina CS Enterprise Vulnerability Management capabilities provide security teams with context-aware vulnerability assessment and risk analysis. Retina's results-driven architecture enables security professionals to proactively identify exposures, analyze business impact, and plan and conduct remediation across network, web, mobile, cloud and virtual infrastructure.

"Recent attacks against prominent financial services institutions, retailers and government agencies have demonstrated that the threat environment has profoundly changed," said Mark Kraska, Vice President of Engineering and Director of Compliance at eHealth Technologies, Inc. "With BeyondInsight, we'll be able to not only manage privileges and reveal vulnerabilities, but also gain insights into how privileges and vulnerabilities interconnect and impact our overall security posture in the context of our most important business priorities. This will allow us to see and manage risk like never before."

BeyondTrust is an industry leader in vulnerability management and privileged account management with nearly two decades of experience helping sophisticated organizations protect themselves from cyber-attacks. For more information on the company, or BeyondInsight, please visit: http://www.beyondtrust.com/.

About BeyondTrust

BeyondTrust is the only security solution vendor providing Context-Aware Security Intelligence, giving customers the visibility and controls necessary to reduce their IT security risks, while at the same time simplifying their compliance reporting.

BeyondTrust offers consistent policy-driven vulnerability and privilege management, role-based access control, monitoring, logging, auditing and reporting to protect internal assets from the inside out. The company's products empower IT governance to strengthen security, improve productivity, drive compliance, and reduce expense across physical, virtual, mobile and cloud environments.

With more than 25 years of global success, BeyondTrust is the pioneer of both Vulnerability Management and Privileged Account Management solutions for heterogeneous IT environments. More than half of the companies listed on the Dow Jones Industrial Average rely on BeyondTrust to secure their enterprises. Customers include eight of the world's 10 largest banks, eight of the world's 10 largest aerospace and defense firms, and 7 of the 10 largest U.S. pharmaceutical companies, as well as renowned universities across the globe.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web