Shulou(Shulou.com)06/01 Report--

RetinaCS powerful vulnerability detection tool

Founded in the late 1990s, Eeye Digital Security is the world's leading security company that uses the latest research and innovative technologies to secure your network brother systems and provides you with the most powerful services: comprehensive, vulnerability assessment, intrusion prevention, and customer security solutions. You still remember the widely used network traffic analyzer Iris in 2009, as well as eEyeBinaryDiffingSuite's vulnerability discovery and analysis tools, SecureIIS (protecting MicrosoftIIS network server products), Blink (a combination of firewall protection, * detection and defense systems, security policy enforcement monitoring and other tools) are the company's masterpieces. What I show you today is another of his blockbuster products, RetinaCS. Many people understand the vulnerability management system as not similar to Nessus, yes, but its latest version is much more powerful than Nessus. In fact, RetinaCS is a multi-platform vulnerability management system that meets industry and government application standards. It will help government and enterprise customers greatly reduce security risks in physical, virtual and mobile environments. It integrates the discovery, classification, repair and reporting of security vulnerabilities. RetinaCS will be more effective than ever in finding, grading, and fixing security vulnerabilities. In 2012, RetinaCS was named the Gold Award for vulnerability Management Product of the year by InformationSecurity. I first tested this software in 2009 because it was a restricted version and could only scan 1 IP, and then gave up the test. fortunately, last year, I was invited by a well-known network security evaluation organization in China to conduct a comprehensive test of this tool. The following mainly shows the advantages of this product.

Figure 1 Dashboard display

Features:

Centralized security management: identify, scan and evaluate all external devices connected to the network in the organization, regardless of the office location where the equipment is located and the operating system used by the equipment. A single view of security risk information for all assets

Vulnerability assessment of mobile devices: use the same vulnerability management and assessment process as other key assets to manage mobile devices such as Android and their applications

Built-in patch management: based on the Microsoft WSUS engine currently used by many enterprises, it integrates agentless patch management tools to provide patch services for Microsoft and some third-party applications such as Adobe (including Distiller,Elements,Reader,Flash,Shockwave) and Mozilla (Firefox).

Asset comparison management: strict filtering by date, time, asset, direction, and loophole

Comprehensive technical report: provide enterprise safety report, which uses easy-to-read expression, including visual charts and graphics, to facilitate rapid assessment, disaster reduction and protection.

Flexible risk assessment: assessment of assets and risk tolerance based on CVSS (General vulnerability scoring system CommonVulnerabilityScoringSystem)

Integration of * and malware information: increase the level of asset risk by viewing malware and * data (including * from third-party solutions).

Rich vulnerability intelligence collection: increase the level of risk by identifying whether a vulnerability is associated with a published vulnerability in CoreImpact,Metasploit,orExploit-db.com

Flexible policy management:

Dynamically populate the asset group based on the discovered features of the target, including the process of installing software and running programs. Provides predefined groups for common roles such as Web servers and operating systems. In addition, it can set comprehensive alerts for any results found by the asset, including vulnerabilities, malicious devices, and other host changes. In short, he is a very good network vulnerability assessment tool, of course, his price is also astonishingly high, so he is the product that many enterprises sleep for. Fortunately, there are many open source network security assessment products in the world, such as OpenVas. I would also like to say that in the book "Linux Enterprise Application case solution", it has been introduced to find network security vulnerabilities through the Ossim system, which you can refer to if you are interested.

All right, next time we will continue to explain another super test tool, CoreImpactPro (download and use http://dl.dbank.com/c0jzoq8ll8). Please look forward to it.

Attached: download and install: https://www.eeye.com/eEyeDigitalSecurity/media/retina-community/Retina-CS-Community-Installation.pdf

Https://www.eeye.com/Files/Community/Retina-CS-Installation-Checklist.pdf

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.