Analytics
10/21/2011
04:24 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

eEye Releases the First and Only Free Vulnerability Management Solution, Retina CS Community

Retina CS Community can identify and patch vulnerabilities in third-party applications

PHOENIX, AZ – Oct. 18, 2011 - eEye Digital Security, the company that provides Security in Context, today announced the general availability of Retina CS Community, the first and only IT security product to integrate vulnerability management along with patching for both Microsoft and common third-party applications from a single console at no cost to organizations.

With this release, eEye dramatically decreases the cost of managing IT security risks, especially for mid-size organizations that are often resource strapped and dealing with budgetary restrictions. Retina CS Community uniquely provides centralized vulnerability management, built-in patching, and vulnerability scanning for Blackberry mobile devices and virtualized applications at no cost, delivering benefits which include:

Reduced security risks with the most cost-effective vulnerability management product available for up to 128 assets. More effective and efficient remediation efforts with automated patching for both Microsoft and third-party applications including Mozilla Firefox and Adobe's Distiller, Elements, Reader, Flash and Shockwave. Increased visibility and automated vulnerability assessment for Blackberry mobile devices and virtualized applications.

A key capability of Retina CS Community is the ability to identify and patch vulnerabilities in third-party applications, such as Adobe and Firefox, which are quickly becoming a favored attack vector for hackers. Retina CS Community addresses the growing security risks associated with these third-party applications by extending Microsoft Windows Server Update Services (WSUS) beyond Microsoft application patching to also provide patching for third-party applications. With Retina CS Community, organizations get increased value around existing WSUS installations with a single, integrated solution for both Windows and third-party application patching.

“Retina CS Community expands eEye’s growing list of free security resources to help organizations understand where their weak points are and close security and compliance gaps,” said Brad Hibbert, Vice President of Strategy, eEye Digital Security. “We are very excited to provide this security industry first to help organizations of all sizes reduce security risks and make vulnerability management more efficient and effective, especially around third-party application patching, mobile devices and virtual application scanning.”

Retina CS Community is immediately available for free download at http://www.eeye.com/CSCommunity. About eEye Digital Security

Since 1998, eEye Digital Security has made vulnerability and compliance management simpler and more efficient by providing the only unified solution that integrates assessment, mitigation, protection, and reporting into a complete offering with optional add-on modules for configuration compliance, regulatory reporting, and integrated patch management. eEye’s world-renowned research and development team is consistently the first to uncover critical vulnerabilities and build new protections into our solutions to prevent their exploit. Thousands of mid-to-large-size private-sector and government organizations, including the largest vulnerability management installations in the world, rely on eEye to protect against the latest known and zero-day vulnerabilities.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.