[ISN] eEye Tool Helps Find, Fix Vulnerabilities

From: InfoSec News (isnat_private)
Date: Tue Nov 05 2002 - 22:29:00 PST

  • Next message: InfoSec News: "[ISN] Protecting the Premises"

    http://www.eweek.com/article2/0,3959,669570,00.asp
    
    By Dennis Fisher 
    November 5, 2002 
    
    In an effort to tap the potential of its various security
    technologies, eEye Digital Security Inc. next week will unveil its new
    Enterprise Vulnerability Assessment and Remediation Management
    solution.
    
    The new offering, which will be generally available at the end of
    November, is essentially a combination of eEye's flagship Retina
    scanner and its new Remote Enterprise Management console. Designed for
    large enterprises with complex, distributed networks, the new solution
    includes an integrated vulnerability remediation process in addition
    to its core scanning and reporting capabilities.
    
    Administrators can set up scheduled scans or perform manual operations
    from the new console. Once a scan is complete, the Retina software
    sends it data back to the console via an encrypted channel. That data
    is then combined with information from other scanners across the
    network and displayed in a series of charts and graphs showing
    vulnerabilities for each IP address scanned.
    
    The scan data can also be imported into such management systems as
    IBM's Tivoli software or Hewlett-Packard Co.'s OpenView.
    
    After all of the vulnerabilities have been identified, the
    administrator can then delegate the remediation of each one to a
    specific person. This generates a new remediation ticket, which
    includes a description of the vulnerability, the machines it affects
    and a link to the patch. After fixing the problem, the analyst then
    closes the ticket, enabling managers to see which vulnerabilities have
    been addressed and which are still pending.
    
    "Our customers have been saying, you've told us that there all of
    these vulnerabilities out there, now what do we do about them?" said
    Firas Raouf, chief operating officer at eEye, based in Aliso Viejo,
    Calif.
    
    The new Remote Enterprise Management console is capable of controlling
    all of eEye's products - SecureIIS, Iris, Blink and Retina - and can
    also handle security alerts from other vendors' products.
    
    The new solution will be sold based on the number of IP addresses to
    be scanned, with prices varying from about $10 per address to about
    $20-$25 per address, Raouf said.
    
    eEye joins a crowded market segment with the announcement of this new
    solution. Companies such as Foundstone Inc., Qualys Inc. and others
    have similar offerings.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Wed Nov 06 2002 - 00:36:03 PST