BeyondTrust – Enterprise Vulnerability Management

BeyondTrust Enterprise Vulnerability Management is a fully automated solution that uses a web-based interface and offers vulnerability and security configuration assessments by leveraging penetration testing results and exploit data. The penetration testing results are imported from Core Impact and Metasploit, while the exploit data comes from Exploit Database and CANVAS. Penetration testing can also be conducted via the Metasploit Framework. It can be deployed as software, physical appliance, virtual appliance or in the cloud. 

Extensive reporting supports regulatory and compliance management in industry-standard formats such as CVE, PCI, CVSS and more. Reporting and analytics yield an integrated, context-aware analysis of risk, attacks, patching, privileges, benchmarks and compliance activity.

The Privileged Access Management Platform is composed of privileged password and session management, endpoint privilege management and secure remote access. Privileged password and session management discovers, manages, audits and monitors privileged accounts of all types. Endpoint privilege management removes excessive end users’ privileges on Windows, Mac, Unix, Linux and network devices. Secure remote access secures, manages, and audits vendor and internal remote privileged access.

BeyondTrust works to proactively identify security exposures, analyze business impact, and plan and conduct remediation across network, web, cloud and virtual infrastructures. The offering features extensive reporting, advanced analytics, and deep integration with BeyondTrust Privileged Access Management (PAM) solutions. Benefits include resource planning, smart rules, and more. It detects emerging threats and pulls that data into 270+ actionable reports. The solution also supports compliance integration.

BeyondTrust has designed enterprise vulnerability management solution to provide organizations with context-aware vulnerability assessments and risk analysis. The results-driven architecture works with users to proactively identify security exposures, analyze business impact, and plan to conduct remediation.

Setup was time consuming. After the server was finally up, we realized it required Adobe Flash to run and SQL for reports and analytics. Although intuitive, the interface felt outdated. Despite these shortcomings, the solution offers complete coverage by gathering, correlating, prioritizing and reporting on vulnerability data across an IT stack.

Central management showcases multiple scanners, role-based access and multitenancy. The multitier architecture allows organizations to securely conduct scans across a variety of environments with optimal performance.

Scan options include the ability to schedule reports. Analytics and reporting display asset risks, vulnerability count, total assets, total asset score, total vulnerability score and vulnerability count. An extended executive summary report includes an executive threat dashboard and a risk matrix that categorizes vulnerabilities.

Pricing starts at $35 per asset. The BeyondTrust UVMv20 hardware appliance is priced at $10,235. 24/7 phone and email support are offered for 20 percent of the license fee.

Tested by Matthew Hreben