BeyondTrust, a Carlsbad, Calif.-based company specializing in context-aware security, has released an updated version of its vulnerability assessment tool. Provided through the company's Retina Community, the free assessment tool includes scanning profiles tailored to the specific IT user groups, and the company has doubled the number of assets that it supports.
"Our community version, which provides full-blown vulnerability management and patch management, has been increased from 128 assets to 256 assets, and you can still use it for free," said CTO Marc Maiffret. "These assets could be anything. Let's say you have a company that has 200 employees with routers and servers and networking equipment. You could use this for free to assess their security level and deploy patches to any combination of systems."
"With this release, users can gather the type of information that's most directly suited to their respective role," explained Maiffret. "People who are in charge of security, compliance, servers, desktops, virtualization or databases can get the information that directly relates to their focus areas. They can be very proactive, and they don't have to wait for the next audit. This helps them to react to threats a lot more quickly."
[Related: 7 Deadly Sins of Information Security]
The vulnerability database is maintained on a daily basis, according to the vendor. Product capabilities include vulnerability assessment with zero-gap visibility, context-aware prioritization and guided remediation. The system also has a new interface based on the forthcoming Windows 8 GUI. "I think it looks sexy," commented Maiffret.
The expanded tool is likely to provide channel partners with the ability to perform a more targeted entry of prospects while at the same time helping to extend the conversation to security decision-makers.
"You plug in your network address and add your listing of computers ..." explained Maiffret. "At that point, the assessment tool looks at the different systems the same way the hacker would -- trying to figure out all the ways that someone could break in. It then provides specific information on how to fix those issues. This is not pen testing because it does not provide exploits designed to break into the network, although we do integrate with systems that do that."
According to Maiffret, the tool gathers the type of information that helps BeyondTrust improve its products while, at the same time, helping channel partners to penetrate new accounts, or expand existing ones. The company claims more than 10,000 organizations in its current community.
PUBLISHED OCT. 2, 2012