Security Experts:

BeyondTrust Updates Its Free Vulnerability Assessment Tool

BeyondTrust has released a new version of its free “Community Edition” Retina vulnerability assessment tool. With Retina Community, enterprises can perform on-the-fly assessments without waiting for the next audit, the company said.

The new edition of Retina Community includes scanning profiles targeting endpoints, servers, desktops, virtual machines, and other groups within the enterprise, BeyondTrust said on Tuesday. IT departments can use the scan profiles to assess the IT environment for vulnerabilities and to ensure they meet security best practices and compliance requirements.

Retina Community, based upon Retina Network, BeyondTrust's own network security scanner, is based on the technology the company inherited when it acquired eEye Digital Security earlier this year. The audit database used by the scanning tool to perform its assessment is maintained and updated on a daily basis by the BeyondTrust Research Team. The live vulnerability feed provides the latest information about missing patches, insecure configurations and zero-day flaws.

“The rapidly changing threat landscape coupled with today’s dynamic IT environments unfortunately creates a prime breeding ground for vulnerabilities,” said Marc Maiffret, chief technology officer at BeyondTrust.

The scanning tool offers zero-gap visibility, context-aware prioritization, and guided remediation to significantly increase IT's visibility into the network, the company said. The free license now supports up to 256 assets.

Mid-size organizations using this tool would dramatically decrease the cost of managing IT security risks. The profile-driven interface allows administrators to create role-specific assessments, which reduces noise in day-to-day operations, BeyondTrust said.

Retina Community helps administrators "identify potential weaknesses and help prioritize which need to be addressed first," Maiffret said.

The "Windows 8-inspired" and wizard-based user interface simplifies the scanning process for users, the company said. There is also complete automation support to test against the most common configuration mistakes.

Administrators are "now empowered to identify risks and learn how to remediate them, reducing the internal and external attack surface of their environments dramatically," according to Beyond Trust.

Fahmida Y. Rashid is a Senior Contributing Writer for SecurityWeek. She has experience writing and reviewing security, core Internet infrastructure, open source, networking, and storage. Before setting out her journalism shingle, she spent nine years as a help-desk technician, software and Web application developer, network administrator, and technology consultant.