Last week, security vendor BeyondTrust combined its "context-aware" approach to vulnerability assessment with user-privilege management on Windows. Today, it has taken another step in the same direction with new software that delivers similar features for systems reporting, analytics and password security on Linux and Unix servers. Read on for the details, and what the emphasis on context-awareness means for the channel.
On Wednesday, BeyondTrust announced updated versions of its PowerBroker Servers for Linux & Unix and PowerBroker Password Safeproducts, which now feature greater integration with the company's Retina CS vulnerability management platform. By combining these tools, the company said, users will be better positioned to leverage risk intelligence when handling user privileges and passwords, helping to identify the parts of the network where rigorous enforcement of security policies is most important.
The integration is made possible by new functionality in Retina CS itself, which now allows customers to understand "how assets are being used and potentially exposed by delegated administrators," said BeyondTrust Executive VP of Product Strategy and Operations Brad Hibbert. "Customers can now encourage a risk driven culture across both security and operations teams. Security teams gain insight into operational activities to improve prioritization of remediation activities, and operations teams can consider the risks associated with assets when prioritizing and tightening least privilege policy."
Meanwhile, in addition to the integration with BeyondTrust's password-management and Linux/Unix products, the latest release of Retina CS also gained other new features that increase its value and user-friendliness for security administrators. They include:
- Smart group filtering by new class of Smart Rules for Vulnerabilities
- Microsoft System Center Configuration Manager (SCCM) data enhancements and expanded reporting capabilities
- Offline VMware scanning of Windows guest OSes
- Data discovery (personally identifiable information) reporting and analytics
- Expanded and new reports on key project areas (access, privilege, PCI, patches, file integrity, benchmark, etc.)
The risk-management features and product integrations introduced today follow BeyondTrust's announcement last week of new functionality for its PowerBroker for Windows product, which also gained greater context-aware risk-management capabilities through Retina CS.
This is a sign that context-awareness is an increasingly important part of the channel today. Security is no longer about the impossible goal of trying to protect all systems and data equally and perfectly, but instead determining where finite security resources and personnel can be used to greatest advantage. It's the Realpolitik of IT security.