Document 416224

Retina 5.20 New and Updated Features
Retina Network Security Scanner and Retina CS Enterprise
Vulnerability Management
With its family of Retina vulnerability management solutions, BeyondTrust® provides the most flexible, scalable and effective means for identifying security exposures across diverse IT environments. Retina solutions enable customers to efficiently reduce IT security risks while adhering to security best practices, internal policies, and regulatory compliance requirements. Both Retina Network Security Scanner and Retina CS Enterprise Vulnerability Management benefit from the v5.20 updates, which offer expanded scanning coverage for virtual, web and network environments. As a result, IT and security leaders gain the visibility they need to better understand and mitigate the data breach risks facing their organizations. New Feature Highlights
Optional “Web Essentials” Module
Customers using Retina CS or the standard edition of Retina Network Security Scanner can now add an optional “Web Essentials” module, which increases their OWASP Top 10 coverage from five to eight critical web application security threats. The module also adds several enhanced discovery capabilities. For customers requiring specialized, dynamic assessments of custom web applications, and full OWASP coverage, BeyondTrust will continue to offer its Retina Web Security Scanner solution. With this release, all versions of Retina have been updated to include the underlying web application assessment technology from Retina Web Security Scanner. The following table compares the web application assessment capabilities of Retina vulnerability management solutions: Features Standard Editions of Retina Network Security Scanner (RNSS) & Retina CS; RNSS Unlimited Web Essentials + Standard Edition of RNSS or Retina CS *; BeyondSaaS • Web Crawling • HTTP Authorization • Remediation Recommendations • Integrated Network Vulnerability Assessment •
•
•
•
•
Retina Web Security Scanner Includes everything in Retina Network/CS + Web Essentials and BeyondSaaS, plus: ** Includes everything in Retina Network/CS Standard, plus: Web Form Authorization JavaScript Crawling Adjust Performance Settings Whitelist / Blacklist URLs Automatic Form Population Dedicated Web Application Scanner Multiple Report Formats Validation (Single Audit) Applet AJAX Support Single Sign On Authorization Two Factor Authentication Structured Information Translator (JSON, REST, AMF, SOAP) • Manual Website Training & Recording • Reflection Analysis • Web Application Best Practice Recommendations •
•
•
•
•
•
•
1 Attack Methods Standard Editions of Retina Network Security Scanner (RNSS) & Retina CS; RNSS Unlimited Web Essentials + Standard Edition of RNSS or Retina CS *; BeyondSaaS • XSS Simple (3 Attack Patterns) • Directory Indexing • OS Commanding • Server / Application Configuration • Parameter Fuzzing • SQL Injection • Blind SQL Injection • XSS Comprehensive (Reflection) • Authentication Brute Force (HTTP) • XSRF (Basic) • HTTP Response Splitting • XSS Advanced (Persistent and DOM) • Authentication Brute Force (Form/HTTP) • XSRF (Advanced) • File Upload • XST • Session Strength • Java Grinder • Resource Location • Remote File Include • Reverse Proxy • Source Code Disclosure • Unvalidated Redirect • URL Rewriting A2 -­‐ Broken Authentication & Session Management A6 -­‐ Sensitive Data Exposure A8 -­‐ Cross Site Request Forgery A7 -­‐ Missing Functional Level Access Control A10 -­‐ Unvalidated Redirects and Forwards OWASP A1 -­‐ Injection Top 10 A3 -­‐ Cross-­‐Site Scripting Coverage (XSS) (2013) A4 -­‐ Insecure Direct Object References A5 -­‐ Security Misconfiguration A9 -­‐ Using Components with Known Vulnerabilities Includes everything in Retina Network/CS Standard, plus: Retina Web Security Scanner Includes everything in Retina Network/CS + Web Essentials and BeyondSaaS, plus: ** * Web Essentials Module is not compatible with Retina Network Security Scanner Unlimited. ** Integrated network vulnerability assessment not included with Retina Web Security Scanner New Audits for the VMware® ESXi and vCenter Hardening Guidelines
Retina version 5.20 extends the solution’s leadership in vulnerability assessment for virtual environments by conducting remote checks of the security measures outlined in VMware’s Security Hardening Guides for ESXi virtualization servers and the vCenter management console. The new Retina capabilities, which include over 100 new audits, help customers to ensure that their virtual environments adhere to the secure configuration best practices recommended by VMware. New Class A Network Discovery Capabilities
The Retina release also adds scale to vulnerability assessments by allowing for a single scanner engine to assess Class-­‐A networks, thereby enabling customers to identify millions of IP addresses in a single session. These expanded asset discovery capabilities are also available to most BeyondTrust PowerBroker privileged account management customers as part of the BeyondInsight™ IT Risk Management Platform. 2 UNIX and Linux Assessment Updates
Retina v5.20 adds several new features and technical improvements for assessing UNIX and Linux systems, including: • Enhanced backported operating system detection for UNIX and Linux via banner examination. When a backported OS is detected, standard banner auditing is modified to reduce false positives. • Performance enhancements for package checks against Red Hat and CentOS. • Improved SCAP scanning of Red Hat 5 and Red Hat 6 assets Platform Support Updates
Retina v5.20 supports installation and operation from Microsoft Windows 8.1 and Windows Server 2012 R2 Servers. General Enhancements
•
Enhanced Windows File checking capabilities o New engine scanning techniques for the .NET Framework o MSI Installer file checks o Improved file version checking About BeyondTrust
BeyondTrust provides context-­‐aware Privileged Account Management and Vulnerability Management software solutions that deliver the visibility necessary to reduce IT security risks and simplify compliance reporting. We empower organizations to not only mitigate user-­‐based risks arising from misuse of system or device privileges, but also identify and remediate asset vulnerabilities targeted by cyber attacks. As a result, our customers are able to address both internal and external threats, while making every device – physical, virtual, mobile and cloud – as secure as possible. BeyondTrust solutions are unified under the BeyondInsight IT Risk Management Platform, which provides IT and security teams a single, contextual lens through which to view user and asset risk. This clear, consolidated risk profile enables proactive, joint decision-­‐making while ensuring that daily operations are guided by common goals for risk reduction. © 2014 BeyondTrust Corporation. All rights reserved. BeyondTrust and BeyondInsight are trademarks or registered trademarks of BeyondTrust in the
United States and other countries. Microsoft, Windows, and other marks are the trademarks of their respective owners.
BeyondTrust North America | 800.234.9072 | 818.575.4000 | [email protected]
BeyondTrust EMEA | +44 (0) 8704 586224 | [email protected]
Twitter: @beyondtrust | Facebook.com/beyondtrust | Linkedin.com/company/beyondtrust
3