Jan 25

Retina Vulnerability Reporting Issue

If you think you’re doing a bad job at vulnerability management, maybe it isn’t as bad as you think.

If you use Retina and BeyondInsight, many vulnerabilities over the past 6+ months may not have been marked as remediated.

The scan results may be accurate, but the analytics module continues to show the vulnerability even after remediation.

Every report you run might have months’ worth of vulnerabilities that aren’t really there.

 

| Activity | Broken | Working |
| --- | --- | --- |
| Scan #1 | System has 5 vulnerabilities | System has 5 vulnerabilities |
| Analytics Report #1 | System has 5 vulnerabilities | System has 5 vulnerabilities |
| Admin Remediation | 4 of 5 vulnerabilities are remediated | 4 of 5 vulnerabilities are remediated |
| Scan #2 | System has 1 vulnerability | System has 1 vulnerability |
| Analytics Report #2 | System has 4 current vulnerabilities and 1 was remediated | System has 1 current vulnerability and 4 were remediated |
| Management | Why do we have so many vulnerabilities?! | Great job getting rid of so many vulnerabilities! |

 

The development team at BeyondTrust worked quickly to produce a fix just a few days after the issue was reported to them, and the fix will be incorporated into the next release. Unfortunately, you might have already been held accountable for poor results.

If you use Retina and BeyondInsight, compare your scan results to your analytics report to see if you have any discrepancies. If you do, you might want to reach out to support for the hotfix.
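One way to script that comparison, as an added example that is not part of the original post or of any BeyondTrust tooling: it reconciles a findings export from the latest scan against the analytics report and separates findings analytics still calls current on hosts the scan covered (likely stale) from those on hosts the scan never reached (cannot be judged). The CSV column names, the `SCANNED_HOSTS` list and all sample rows are assumptions constructed for illustration.

```python
import csv
import io

# Constructed sample exports. The column names (host, vuln_id, status) are
# assumptions for illustration, not the real Retina/BeyondInsight export schema.
LATEST_SCAN_CSV = """host,vuln_id
10.0.0.5,VULN-0005
10.0.0.6,VULN-0010
"""
ANALYTICS_CSV = """host,vuln_id,status
10.0.0.5,VULN-0001,current
10.0.0.5,VULN-0002,current
10.0.0.5,VULN-0003,current
10.0.0.5,VULN-0004,remediated
10.0.0.5,VULN-0005,current
10.0.0.6,VULN-0010,remediated
10.0.0.7,VULN-0020,current
"""
# Hosts the latest scan actually reached. A clean host has no finding rows,
# so scan coverage has to come from the job's target list, not the findings.
SCANNED_HOSTS = {"10.0.0.5", "10.0.0.6"}


def load(text):
    """Parse one CSV export into a list of row dicts."""
    return list(csv.DictReader(io.StringIO(text)))


def reconcile(scan_rows, analytics_rows, scanned_hosts):
    """Bucket the disagreements between the latest scan and analytics."""
    found = {(r["host"], r["vuln_id"]) for r in scan_rows}
    current = {(r["host"], r["vuln_id"]) for r in analytics_rows
               if r["status"].strip().lower() == "current"}
    result = {"stale": [], "unverified": [], "missing": sorted(found - current)}
    for key in sorted(current - found):
        # Absence from the scan only counts as remediation if the host was scanned.
        bucket = "stale" if key[0] in scanned_hosts else "unverified"
        result[bucket].append(key)
    return result


if __name__ == "__main__":
    report = reconcile(load(LATEST_SCAN_CSV), load(ANALYTICS_CSV), SCANNED_HOSTS)
    for bucket, items in report.items():
        for host, vuln in items:
            print(f"{bucket:<10} {host:<12} {vuln}")
```

Anything in the `stale` bucket matches the "Broken" column above; `missing` is the opposite disagreement, where the scan still detects something analytics does not list as current.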

As an IT/Security person, you should question everything.

Don’t blindly trust the data you get from any tool.  Constantly check your tools, test them, and compare them against their competitors.

 

 
