eEye's Retina Network Security Scanner One of the First to Receive Certification
(ALISO VIEJO, CA) November 11, 2004 — eEye® Digital Security, a leading developer of vulnerability management software solutions for enterprise security, today announced its industry-leading network security scanner Retina® has been awarded compatibility with the Common Vulnerabilities and Exposures (CVE) by the MITRE Corporation, a non-profit organization that provides systems engineering, research and development, and information technology support to the government. A list of standardized names for vulnerabilities and other information security exposures, CVE aims to standardize the names for all publicly known vulnerabilities and security exposures. The goal of CVE is to make it easier to share data across separate vulnerability databases and security tools. By being “CVE-compatible,” Retina is able to cross-link with other repositories and tools that use CVE names.
“As one of the first network security scanners to be awarded CVE-compatibility, eEye is contributing to the advancement of security research for both the public and private sectors,” stated Robert Martin, CVE Compatibility Lead. “Given its position as a leading provider of vulnerability research and enterprise security software, we are extremely pleased to have eEye participating in this program.”
CVE-compatible products and services must perform the following four specific functions:
- CVE Searchable: A user can search using a CVE name to find related information
- CVE Output: Information is presented which includes the related CVE name(s)
- Mapping: The repository owner has provided a mapping relative to a specific version of CVE, and has made a good faith effort to ensure accuracy of that mapping
- Documentation: The organization’s standard documentation includes a description of CVE, CVE compatibility, and the details of how its customers can use the CVE-related functionality of its product or service
“Retina's recognition as one of the first network security scanners to achieve CVE-compatibility demonstrates eEye's commitment to interoperability throughout the security industry,” stated Firas Raouf, eEye's COO. “Our world-class research team has discovered more critical security vulnerabilities than any other, so we understand the compelling need for naming standards to effectively communicate these vulnerabilities to the security community.”
About Retina
Retina leads the industry in accuracy, its ability to scan enterprise networks without crashing systems and its open, modular architecture, making it the easiest product on the market to deploy, use and integrate with existing enterprise applications. Unlike many competing technology approaches, eEye's non-intrusive scanning technology won’t crash systems or applications. Even if one percent of the machines within a large, distributed enterprise crash as a result of a scan, they must be re-booted, resulting in tens or even hundreds of thousands of dollars in lost productivity. eEye’s Retina is also unique in its ability to perform the vast majority of its scans without administrative rights, thus allowing enterprises to quickly and easily secure their globally distributed networks.
Retina leverages the expertise of eEye Digital Security's research team, incorporating the most up-to-date vulnerabilities database that is automatically downloaded at the beginning of each Retina session. This enables security professionals to proactively secure their networks against the most critical and relevant vulnerabilities. In addition to scanning against the most comprehensive database of known vulnerabilities, customers can write their own customized audits. These audits can be used to enforce internal security policies to verify such items as anti-virus deployments, approved machine configurations and application version control.
Retina also provides an integrated workflow approach to vulnerability assessment and remediation, guiding users through the discovery, audit, remediation and reporting of network vulnerabilities via a highly intuitive interface. Additionally, expanded reporting delivers the ability to sort data by vulnerability, machine type, level of risk and more. Enterprises can also customize specific reports for executive review or other purposes. These new reporting methods make for a faster, more efficient vulnerability discovery process – as much as fifty percent quicker than previous processes.
Interested parties can find additional information on CVE at http://www.cve.mitre.org.
About Mitre
MITRE (www.mitre.org) is a not-for-profit company that provides systems engineering, research and development, and information technology support to the government. Chartered to work in the public interest, MITRE operates federally funded research and development centers for the Department of Defense, the Federal Aviation Administration, and the Internal Revenue Service, with principal locations in Bedford, Massachusetts, and McLean, Virginia.
About eEye Digital Security
eEye Digital Security® is pioneering a new class of security products:integrated threat management. This next-generation of security detects vulnerabilities and threats, prevents intrusions, protects all of an enterprise’s key computing resources, from endpoints to network assets to web sites and web applications, all while providing a centralized point of security management and network visibility.eEye’s research team is consistently the first to identify new threats in the wild, and our products leverage that research to deliver on the goal of making network security as easy to use and reliable as networking itself. Founded in 1998 and headquartered in Orange County, California, eEye Digital Security protects more than 9,000 corporate and government organizations worldwide, including half of the Fortune 100. For more information, please visit www.eeye.com
Primary Agency Contact
Victor Cruz
MediaPR
(508) 655-4397 eEye@mediapr.net
EMEA Agency Contact
Ralph Klöwer
INTERFACE Relations
+49 (0) 89-552 688-66 r.kloewer@interface.pr.de
Corporate Contact
Stacy Newman
eEye Digital Security
(949) 900-4131 press@eEye.com
