BeyondTrust BeyondSaaS Cloud-Based Scanning
Gain an Attacker's View of Your IT Perimeter
From the cloud, BeyondSaaS gives you an attacker’s view of your IT perimeter vulnerabilities. BeyondSaaS conducts fast, affordable security assessments of your publicfacing network infrastructure and web applications, while delivering straightforward and accurate reports. As a result, you’re able to quickly identify perimeter vulnerabilities, clearly understand their potential impact, and decisively act to mitigate threats.
Using BeyondSaaS together with an internal network vulnerability management solution, such as BeyondTrust Retina CS or Retina Network Security Scanner, gives you a complete picture of enterprise risk from both inside and outside the firewall – including known vulnerabilities and configuration weaknesses as well as uncommon and zero-day vulnerabilities introduced by custom-built applications.
- External network scanning of unlimited IP addresses
- Black-box web application assessments
- Unlimited user accounts
- Regulatory compliance assessments for PCI DSS and other initiatives
- Clear vulnerability reports and remediation guidance
- Threat history trend reporting
- Scheduled or ad-hoc testing
- Two-factor authentication via Microsoft Live
- Encrypted data transmission
- No software or hardware install
- No license management
- Optional 24 x 7 x 365 support
Comprehensive, On-Demand Network and Web App Scanning
Powered by Retina, an award-winning vulnerability scanner trusted by thousands of organizations, BeyondSaaS extends BeyondTrust’s legacy of delivering unmatched vulnerability management to the cloud. With nothing to install, you simply log into BeyondSaaS, specify a target IP range or web application, and BeyondSaaS handles the rest. Everything you need is pre-configured and delivered through a mobile HTML 5 interface that lets you manage and communicate risk from virtually any web browser, tablet or smart phone.
Network Vulnerability Scanning Capabilities
Assess network devices, operating systems, web applications, ports and services against a vast, continually updated vulnerability database.
- Measure PCI DSS compliance, and gauge perimeter security versus best practices.
- Accurately identify vulnerabilities with a <1% false positive rate.
- Perform Class C network scans in under 15 minutes on average.
- Profile target operating systems via Nmap and proprietary OS fingerprinting.
- Scan custom machine configurations, ports and applications.
The BeyondSaaS dashboard enables you to measure and track perimeter network and web application vulnerabilities over time.
Web Application Vulnerability Scanning Capabilities
Websites and web-based applications are favorite targets of today’s advanced attacks. Lockout hackers at the front door and stop your web applications from becoming an easy way into critical systems and information.
- Accurately crawl web pages that include technologies such as AJAX, SOAP/WDSL, SOAP/ WCF, REST/WADL, XML, JSON, Google Web Toolkit (GWT) and CRUD operations.
- Scan off-the-shelf or custom-built web applications automatically for SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF) and over 500 other webbased vulnerabilities.
- Automatically crawl and scan complex password protected zones including multi-step or Single Sign-On (SSO) with a built-in login recorder.
- Audit web applications against a database of more than 1,200 known WordPress core, theme and plugin vulnerabilities.
- Scan hundreds of thousands of web pages and applications without interruption, using our multi-threaded architecture.
The Easiest, Most Secure SaaS Vulnerability Assessment Available
BeyondSaaS simplifies the entire vulnerability management process, enabling you to quickly identify vulnerabilities and fixes with maximum security and minimal hassle. You simply specify a target IP range or web application, and BeyondSaaS handles the rest.
- Get fast, comprehensive and accurate scanning, backed by over 15 years of expertise.
- Conduct multiple vulnerability assessments after a simple, one-time registration process.
- Access your account using Microsoft Live two-factor authentication.
- Leverage single sign-on via Active Directory and other identity providers.
- Eliminate software and hardware deployment and configuration.
- Manage job scheduling, results and reports through a highly secure, encrypted HTML 5 web interface.
- Rely on a Microsoft Azure’s highly secure multi-tenant architecture.
Easy and Efficient
With nothing to install, simply log into BeyondSaaS, specify a target IP range or web application, and BeyondSaaS handles the rest. A mobile HTML 5 interface lets you manage and communicate risk from virtually anywhere.
Access your account using Microsoft Live two-factor authentication and rely on Microsoft Azure’s multi-tenant architecture with its extensive backend security capabilities.
BeyondSaaS delivers clear vulnerability and remediation reports, including PCI DSS reports that assist with compliance audits. Historical trend reporting allows you to track your progress over time.
Conduct network vulnerability scanning across unlimited IPs for one low annual subscription fee. Purchase web application assessments on an as-needed basis and provide access to unlimited users at no additional charge.
Features and Benefits:
- Audit all externally facing systems: Identify weaknesses in network devices, operating systems, applications, ports and services.
- Cover your unique environment: Scan custom machine configurations, ports, and applications.
- Build in-depth OS profiles: Profile target operating systems via Nmap and proprietary OS fingerprinting.
- Get unbeatable scan performance: Perform Class C network scans in under 15 minutes on average.
- Minimize false positives: Accurately identify vulnerabilities with a <1% false positive rate.
Reporting and Compliance
- Gain actionable information: Get clear vulnerability reports that include action items for remediation.
- Communicate risk: Share vulnerability trends and remediation progress.
- Simplify compliance: Assess and report against PCI, SOX, HIPAA, DISA-STIG, GLBA, FISMA and OWASP Top Ten.
Web Applications Scanning
- Accurately crawl web pages: Crawl modern technologies such as AJAX, SOAP/WDSL, SOAP/ WCF, REST/WADL, XML, JSON, Google Web Toolkit (GWT) and CRUD operations.
- Automatically scan off-the-shelf or custom-built web applications: Detect SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF) and over 500 other web vulnerabilities.
- Easily access protected areas: Automatically crawl and scan complex password protected zones including multi-step or Single Sign-On (SSO), with a built-in login recorder.
- Discover WordPress vulnerabilities: Cover more than 1,200 known vulnerabilities in WordPress core, themes and plugins.
- Ensure fast reliable scans: Handle hundreds of thousands of pages without interruption, with our multi-threaded architecture.
Simple and Secure
- Ensure data security: Rely on encrypted data transmission & secure, two-factor authentication via Microsoft Live.
- Save money: Get unlimited user accounts and scan unlimited IP addresses for one low price.
- Automate for efficiency: Conduct automated, scheduled vulnerability assessments.
- Speed deployment: Eliminate software and hardware installation and configuration.
- Eliminate white-listing hassles: White-list just a few IPs (vs. thousands with other solutions).
- Get support when you need it: Take advantage of optional 24 x 7 x 365 Platinum Support.
How It Compares:
BeyondSaaS offers several advantages over other cloud-based solutions:
- Lower cost with unlimited IP addresses and user accounts
- Broader coverage of network assets and web applications
- Less overhead with no software or appliance to install
- Simple sign-on using Microsoft Live two-factor authentication
- Less hassles via simplified whitelisting; straightforward address and URL targeting
- Easier to use mobile management and reporting
BeyondSaaS enables you to meet vulnerability scanning requirements for PCI DSS, FDCC, SANS, HIPAA, SOX, GLBA and many other regulations. Key compliance features include:
- y Automated asset discovery for broad, accurate scoping
- External scanning of network assets and web applications
- PCI reporting in the proper DSS submission format
Download the BeyondTrust BeyondSaaS Cloud-Based Vulnerabilty Assessment Datasheet (.PDF)