Perimeter
10/20/2011
08:04 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

eEye Announces Industry’s First Vulnerability Management Solution For Virtualized Applications

Solution is now available as part of eEye's Retina suite of products

PHOENIX, AZ—Oct. 20, 2011—eEye Digital Security, the company that provides Security in Context, today unveiled the security industry's first solution for securing virtualized applications, which is now available as part of eEye's Retina suite of products. With this release, Retina provides additional levels of security for virtualized application packages deployed via VMware’s ThinApp™ technology.

Retina now identifies and prioritizes vulnerabilities and configuration risk in both physical and virtualized applications and systems, as well as offers the remediation guidance to ensure that risk is addressed promptly and efficiently. This new development, unique to Retina, will help in safeguarding enterprises and government agencies alike against attacks that target virtualized applications.

This new capability provides unprecedented levels of visibility into virtualized environments, delivering these benefits:

Reduced risk, by ensuring VMware ThinApp applications are properly discovered and are part of standard vulnerability management processes Increased visibility and automated vulnerability assessment for VMware ThinApp packages Dramatically decreased time, effort, and cost associated with the discovery and remediation of vulnerabilities within virtualized applications

"We are excited to see the new capability eEye brings to the security management of virtual applications,” said Vittorio Viarengo, Vice President, End User Computing Products, VMware. “With eEye Retina’s integration with VMware ThinApp, users will be able to maintain a strong compliance and security footprint as they simplify application management.”

Remediating vulnerabilities in virtualized applications is a challenge for both private-sector and government organizations, which typically do not even know these vulnerabilities exist. Now, with Retina, those challenges are easy to overcome.

“This advance was designed with our security-in-context principle in mind, which holds that while security vulnerabilities exist, it’s the ability to view them in context, how they apply to an enterprise individually, that allows an organization to more effectively manage risk,” said Brad Hibbert, vice president of strategy, eEye Digital Security. “Retina is the industry’s first and only security solution for virtualized applications that will dramatically slash vulnerability management woes in virtual and cloud environments. We were pleased to work with VMware to create even more value for our commercial and government customers."

Availability This unique new capability is now available with the Retina suite of products, including Retina CS Community, eEye’s free vulnerability management solution.

Join the Web Event Join eEye and VMWare for a cohosted webinar: Closing the Virtual App Security Gap. Learn more about the benefits of application virtualization along with critical steps to secure these applications. Register today. About eEye Digital Security

Since 1998, eEye Digital Security has made vulnerability and compliance management simpler and more efficient by providing the only unified solution that integrates assessment, mitigation, protection, and reporting into a complete offering with optional add-on modules for configuration compliance, regulatory reporting, and integrated patch management. eEye’s world-renowned research and development team is consistently the first to uncover critical vulnerabilities and build new protections into our solutions to prevent their exploit. Thousands of mid-to-large-size private-sector and government organizations, including the largest vulnerability management installations in the world, rely on eEye to protect against the latest known and zero-day vulnerabilities.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
DONOVAN BURBA
50%
50%
DONOVAN BURBA,
User Rank: Apprentice
3/6/2012 | 9:05:48 PM
re: eEye Announces Industry’s First Vulnerability Management Solution For Virtualized Applications
I encourage all info security professional to read up on the Retina Network Scanner here:

http://dougvitale.wordpress.co...

Lots of screen shots showing how to set up and launch scans.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

CVE-2014-2392
Published: 2014-04-24
The E-Mail autoconfiguration feature in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 places a password in a GET request, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer log...

CVE-2014-2393
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite 7.4.1 before 7.4.1-rev11 and 7.4.2 before 7.4.2-rev13 allows remote attackers to inject arbitrary web script or HTML via a Drive filename that is not properly handled during use of the composer to add an e-mail attachment.

CVE-2011-5279
Published: 2014-04-23
CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (IIS) 4.x and 5.x on Windows NT and Windows 2000 allows remote attackers to modify arbitrary uppercase environment variables via a \n (newline) character in an HTTP header.

CVE-2012-0360
Published: 2014-04-23
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.

Best of the Web