New Readers

 Home News and World Report Buyers Guide Global Excellence Technology Case Studies Editorial Awards About Info Security
 
2008 Best Deployment Scenario

eEye Digital Security

 

WHAT IS THIS TECHNOLOGY?

Today’s network weaknesses are exploited by attacks faster than ever before, significantly narrowing the window for remediation.

In order to fix those vulnerabilities, most organizations rely on their security vendors’ periodic updates. However, patches need to be tested and verified, which takes time. In the meantime, your network is vulnerable, and an attack can hit before an update is acted upon.

Retina is a comprehensive scanner that assesses all network devices, operating systems and applications. Retina pinpoints vulnerabilities, misconfigurations, and other network errors without draining network resources. The result is the most up-to-date protection for even the most complex computing environments.

ORDER REPRINTS
 
Info Security Products Guide
 
this article
 
COMPARE and print reports
 
RATE products






Tomorrow's Technology Today - Vulnerability Assessment


WHAT DOES THIS TECHNOLOGY DO?

Retina has a world-renown reputation for being the industry and government standard for multi-platform vulnerability assessment. It identifies known and zero day vulnerabilities and provides security risk assessment, enabling security best practices, policy enforcement, and regulatory compliance.

By design, Retina utilizes an agent-less scanning engine that can run completely in the background.. By eliminating the heavy burden on network resources, Retina allows scans to be run daily and automatically adjusts the solution such that there is no noticeable degradation in network performance.

Unlike other scanners, anyone can run a Retina scan since it can operate from common desktop operating systems or servers. When a vulnerability is announced, IT managers can scan their network for the vulnerability from home, on the road, or at a branch office to identify where they are potentially at risk.

Retina remotely identifies system-level vulnerabilities to mimic an attacker’s point of view, providing information that an outsider would see about your network. These remote checks provide an accurate assessment, with fewer resources required to scan across departments, locations or geographies. In addition, authenticated scans can reveal details regarding a host for application vulnerabilities, mis-configurations, services, process, storage, and other hardware information that may be relevant to the risk of a host.

Retina also provides a workflow approach to vulnerability management. Retina’s user interface allows for multiple views and reporting options with which to analyze assessment data. This gives users the opportunity to view assets critically correlated with complete vulnerability data. This approach allows users to effectively prioritize remediation efforts, export data for third party integrations, and generate regulatory compliance reports while maintaining data integrity from the same scan job.  

Retina does not rely on exploit code to test for vulnerabilities, as other vendors do. The solution is completely non-intrusive. Many vendors erroneously believe that the best way to test vulnerabilities is with exploit code or “potentially” unsafe tests. This approach can leave a host even more vulnerable than before and potentially interrupt the business operations of the asset. These are commonly referred to as penetration tests. The infrastructure must cope with this malicious test, which in the end simply verifies a known vulnerability. Retina uses non intrusive audits verses exploit code,  and provides the same reliability for identification without the risk to the asset or infrastructure.

Retina prioritizes vulnerabilities, allowing organizations to focus on the most critical and high vulnerabilities posing a threat to the network. In addition, reports can be graded by eEye’s risk, CVSS, or even PCI scales to meet industry standards or regulatory compliance. This is possible due to our world-renowned research team, which time and again discovers new critical vulnerabilities before anyone else in the industry, including those individuals looking to cause harm and destruction. By following industry standards, the solution is relevant to everyone addressing regulatory compliance, vulnerability assessment, and best practices for infrastructure security.

Finally, in the enterprise architectures, eEye Digital Security offers the REM Management Console. REM provides centralized report, data aggregation, job control, policy enforcement, and asset based risk asset assessment for environments that require multiple Retina scanners. The flexibility of Retina to deploy in a small environment or enterprise infrastructure makes the solution the premier choice for over 9,000 clients worldwide today.

Retina provides a workflow approach to vulnerability management. Retina’s user interface allows for multiple views and reporting options with which to analyze assessment data. This gives users the opportunity to view assets critically correlated with complete vulnerability data. This approach allows users to effectively prioritize remediation efforts.   

Retina does not rely on exploit code to test for vulnerabilities, as other vendors do. Many vendors erroneously believe that the best way to test vulnerabilities is with exploit code. This approach wastes network resources. The network must cope with a perceived attack, which in the end simply verifies a known vulnerability. Instead, Retina focuses on critical and high vulnerabilities. Retina can scan for known vulnerabilities and those that pose little risk, but only if the end user requests them.

Retina prioritizes vulnerabilities, allowing organizations to focus on the most critical and high vulnerabilities posing a threat to the network. Retina can also scan for vulnerabilities that pose little risk, but only if the end user requests them. eEye has the confidence to focus on the more critical flaws, while ignoring those that pose little risk.  This is possible due to our world-renowned research team, which time and again discovers new critical vulnerabilities before anyone else in the industry, including those individuals looking to cause harm and destruction.

Conclusion: Retina scans an entire Class C network in about 15 minutes, discovering all of your networked devices. Retina also discovers wireless devices and their configurations, ensuring these connections can be audited for the appropriate security settings. If it has an IP address, Retina will find and assess it.


eEye Digital Security, Inc.
1 Columbia
Aliso Viejo, California 92656
Tel: +1-866-339-3732
CLICK HERE to download white paper/report