Archive for May, 2012
Putting out the Flames
Stop me if you’ve heard this one before: there is a new piece of malware and this one is even worse than the last one. It is bigger, scarier, more complex and will take years, according to some estimates, to actually ever know what the malware really does. And of course it already has a plethora of names depending on which anti-virus company or research group tried to stake their claim of being the first to discover it. Welcome to this month’s installment of Scary Malware Theater, starring Flame. More [...]
Retina Insight Pivot Grids, Custom Report Sharing on eEye Forums
Around this time last year I wrote a blog on the Pivot Grids within Retina Insight and how they allow a user to custom build historical reports based on almost every piece of data collected by Retina Insight. Recently I spoke with an analyst on this same topic and he was very pleased to see that we have true ad-hoc reporting (vulnerabilities, asset data, and even attacks and malware) built directly into the solution. He also commented that while a few other vendors claim to have “ad-hoc reporting”, they are restricted by templates and conditions of custom report editors. Retina Insight does not have those types of limitations. When we say custom, we mean it. Our users can (truly) customize reports based on any data that is collected from our vulnerability management and endpoint protection solutions and then filter those results, publish them as automatic subscriptions, and even export the templates to be shared with other users and installations.
Configuration Mistakes Make for Costly Security Gaps
Earlier this week, Brian Prince over at Security Week posted an article on a subject that we’ve always been passionate about here at eEye, now BeyondTrust, Research – and that’s configuration. More specifically, the incredible impact that smart, effective configuration can have on reducing attack surface for any size organization. More [...]
Chrome continues its march to security domination. We nod knowingly.
As security researchers, we’re always looking for ways to put the security conversation in the spotlight; be it an interesting fact, figure or editorial. By now you’ve probably read about how Google Chrome has achieved the number one browser position, worldwide (according to StatCounter). Coming in at about 32.76% of the global browser market share, Chrome beat out IE but just by a mere 0.82% percent, which obviously only had 31.94% market share (math, son).
eEye’s May Patch Tuesday Assessment Now Available On Demand
Miss our live VEF webinar earlier this week? In case you did, I’ve put all of the content together for you below. Enjoy!
Additionally, access this month’s Security Bulletin, a list of all the Audit IDs, and the PDF of the presentation. If you have additional questions you’d like to ask the research team about this month’s Patch Tuesday, please feel free to comment below and we’ll get them answered.
Work Smarter with Retina Insight Threat Analyzers
It keeps happening over and over again. I speak to a prospect, and they do not want yet another vulnerability report with pages and pages of assets and vulnerabilities. Every tool vulnerability assessment scanner can produce this with various degrees of customization and consolidation but a 1,000 page report for a few dozen assets doesn’t scale for the organization or the administrator trying to interpret the results. Even sorting the results based on risk, or filtering on critical assets, can produce a report that is completely unusable based on the shear volume of pages contained within. The same problem is happening in almost every enterprise client I speak to. So what is the solution? Rethinking how a solution displays, reports, and analyzes vulnerabilities and present them in a way that is meaningful and actionable.
BeyondTrust and eEye Acquisition Announcement Now On Demand
By now you’ve heard the exciting news that eEye was acquired by BeyondTrust. We are both very excited about the acquisition and look forward to what the future has in store. Earlier this week executives from both companies hosted a live webcast where they discussed the benefits, our joint value proposition and how our products will help increase the efficiency of security operations. Below is that recording. We invite you to sit in on this very informative webcast to hear from business and strategy leaders from both eEye and BeyondTrust, as they discuss the plans for the combined company.
If you have additional questions related to this acquisition, please feel free to comment below and we’ll try to answer them in the order they are received.
Enjoy.
Retina Now Offers Custom Audits for Android Devices
When a marketing buzz word sticks like BYOD (Bring Your Own Device), it is inevitable to see it everywhere in an effort to capitalize on the momentum; blogs, literature, SEO, social media, etc. In the past, we have seen great terms like “ecosystem”, “framework”, and my personal favorite “distributed computing”, rise and fall in marketing. Fortunately, some of these buzz words are more realistic than others and really do pose a challenge to many companies. It is not just about the latest and greatest technology or security threat, but what really matters to the business.
eEye Digital Security Acquired by BeyondTrust
Earlier this morning we announced that eEye Digital Security has agreed to be acquired by BeyondTrust, the industry’s leading provider of Privileged Identity Management (PIM) solutions. This is a very exciting milestone in the history of eEye Digital Security, a company that has long been at the forefront of security product leadership and innovative security research. More [...]
Our Newest Release – Retina CS 3.1
Our product team has just put the finishing touches on the newest release of Retina CS, our award-winning Threat Management Console. Version 3.1 expands our market leadership in innovation for helping IT secure the technologies being widely deployed today.
As it has been since halfway through 2011, Retina CS remains the only unified vulnerability and compliance management solution that integrates security risk discovery, prioritization, remediation, and reporting across your entire IT infrastructure, be it the traditional (server, desktop) or the rapidly expanding (cloud, mobile and virtualization). More [...]
