Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

1/29/2014
10:39 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

BeyondInsight Provides Collaborative Approach To IT Risk Management

BeyondInsight provides a common dashboard interface for multiple BeyondTrust solutions

PHOENIX, January 29, 2014 – BeyondTrust®, the security industry's only provider of Context-Aware Security Intelligence, today announced the release of BeyondInsight&trade, a new IT risk management platform that unifies two foundational security methodologies: Privileged Account Management and Vulnerability Management. BeyondInsight provides a common dashboard interface for multiple BeyondTrust solutions, offering centralized asset discovery, reporting, analytics, and other platform capabilities that enable unprecedented synchronization and collaboration between IT and Security operations. By correlating privilege, access and vulnerability data, the BeyondInsight platform provides a clearer, more-informed picture of enterprise risk.

"Large-scale data breaches often begin with an attacker exploiting a single external vulnerability on a low-level system, and then capitalizing on privileges to gain access to critical systems and data," said Marc Maiffret, CTO at BeyondTrust. "BeyondInsight delivers a comprehensive view of the vulnerabilities that provide doors into an environment, as well as the privileges that present corridors to sensitive assets. With BeyondInsight, security teams will benefit from being able to correlate vulnerability information with user activity, while IT gains a clearer view of how privilege policies impact overall security. This fusion of asset and user intelligence enables IT and security to collectively reduce risk across complex environments."

The BeyondInsight IT Risk Management Platform is an integrated suite of software solutions used by IT professionals and security experts to collaboratively:

Reduce user-based risk and mitigate threats to information assets

Address security exposures across large, diverse IT environments

Comply with internal, industry and government mandates

Provide synergy and collaboration for multiple teams from operations to security

With BeyondInsight, security and IT professionals can jointly keep track of assets, assess risk, ensure compliance, and communicate progress throughout the organization. In addition to providing granular, role-based access to specific vulnerability and privilege management capabilities, BeyondInsight offers centralized asset discovery, asset profiling, management, reporting, and analytics capabilities. All results and data are stored in a central data warehouse and leveraged to inform future vulnerability and privilege management activities.

"As the threat landscape evolves, prioritizing and remediating vulnerabilities continues to be a challenge faced by most organizations," said Javvad Malik, Senior Analyst, Enterprise Security Practice, 451 Research. "Attackers routinely seek to obtain privilege accounts, therefore, combining both privilege and vulnerability management into one platform, as BeyondTrust has done, can help organizations make better-informed risk decisions."

Users can configure BeyondInsight for privileged account management, vulnerability management, or both, with a variety of BeyondTrust PowerBroker® and Retina software solutions. The solutions can be used in conjunction with one another, and all are integrated for maximum data sharing and operational efficiency.

Utilizing BeyondTrust's PowerBroker solutions, IT professionals can easily enforce least-privilege best practices and provide the access employees need to perform their jobs safely, without obstructing IT or end-user productivity. BeyondInsight's Retina CS Enterprise Vulnerability Management capabilities provide security teams with context-aware vulnerability assessment and risk analysis. Retina's results-driven architecture enables security professionals to proactively identify exposures, analyze business impact, and plan and conduct remediation across network, web, mobile, cloud and virtual infrastructure.

"Recent attacks against prominent financial services institutions, retailers and government agencies have demonstrated that the threat environment has profoundly changed," said Mark Kraska, Vice President of Engineering and Director of Compliance at eHealth Technologies, Inc. "With BeyondInsight, we'll be able to not only manage privileges and reveal vulnerabilities, but also gain insights into how privileges and vulnerabilities interconnect and impact our overall security posture in the context of our most important business priorities. This will allow us to see and manage risk like never before."

BeyondTrust is an industry leader in vulnerability management and privileged account management with nearly two decades of experience helping sophisticated organizations protect themselves from cyber-attacks. For more information on the company, or BeyondInsight, please visit: http://www.beyondtrust.com/.

About BeyondTrust

BeyondTrust is the only security solution vendor providing Context-Aware Security Intelligence, giving customers the visibility and controls necessary to reduce their IT security risks, while at the same time simplifying their compliance reporting.

BeyondTrust offers consistent policy-driven vulnerability and privilege management, role-based access control, monitoring, logging, auditing and reporting to protect internal assets from the inside out. The company's products empower IT governance to strengthen security, improve productivity, drive compliance, and reduce expense across physical, virtual, mobile and cloud environments.

With more than 25 years of global success, BeyondTrust is the pioneer of both Vulnerability Management and Privileged Account Management solutions for heterogeneous IT environments. More than half of the companies listed on the Dow Jones Industrial Average rely on BeyondTrust to secure their enterprises. Customers include eight of the world's 10 largest banks, eight of the world's 10 largest aerospace and defense firms, and 7 of the 10 largest U.S. pharmaceutical companies, as well as renowned universities across the globe.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
Breaches Are Inevitable, So Embrace the Chaos
Ariel Zeitlin, Chief Technology Officer & Co-Founder, Guardicore,  11/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19010
PUBLISHED: 2019-11-16
Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.
CVE-2019-16761
PUBLISHED: 2019-11-15
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the [email protected] npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions >1.0...
CVE-2019-16762
PUBLISHED: 2019-11-15
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to any...
CVE-2019-13581
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A heap-based buffer overflow allows remote attackers to cause a denial of service or execute arbitrary ...
CVE-2019-13582
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution.