ALISO VIEJO, CA -- 03/13/08 --
eEye Digital Security, a leader in network
vulnerability scanning, announced today that it is expanding
the company's security suite to include full-featured web vulnerability
scanning. The Retina Web Security Scanner is a best-in-class web scanning
solution that rapidly and accurately scans large, complex web sites and web
applications to tackle web-based vulnerabilities.
This new eEye solution gives customers a complete picture of the
performance and security status of deployed web applications plus on-demand
inventory and diagnostic capabilities, ensuring privacy and compliance.
The Retina Web Security Scanner extends eEye's growing integrated threat
management security suite and leverages eEye's advanced security
intelligence capabilities. Using Retina Web Security Scanner and Retina
Network Security Scanner in tandem, eEye customers now have a powerful
multi-layered scanning approach.
With the addition of eEye's centralized management and reporting console,
REM, security administrators have a unified solution that consolidates
security information into one dynamic repository. REM facilitates data
analysis and benefits administrators by eliminating information overload
and automating previously time-consuming tasks. Users are able to install
the Retina Web Security Scanner on the same servers that currently run
Retina Network Security Scanner, significantly reducing installation and
maintenance costs.
Web
application security has emerged as the premier security challenge
facing the information technology industry. The Retina Web Security Scanner
represents a strategic decision on eEye's part to invest, innovate and lead
in this fast-growing space. According to the world's leading independent
research advisory firm, Gartner Group, approximately 70 percent of
malicious attacks target the application layer. Enterprises that scan their
web applications after modifications experience a 70 percent reduction, on
average, in security incidents in those applications.
"Web 2.0 and SaaS are rapidly becoming the predominant delivery model for
software," said Kamal Arafeh, CEO, eEye Digital Security. "Traditional
firewalls, SSL VPNs and other security products cannot fully protect
against flaws in these web applications. eEye believes that the
vulnerability landscape needs to change and evolve yet again to meet this
new set of challenges. For the past ten years, eEye products have addressed
operating system and application vulnerabilities and now with Retina Web
Security Scanner, we are innovating further to address web application
vulnerabilities and flaws."
In response to the limitations in existing web security technology and
increasing customer demand, eEye partnered with NT OBJECTives, Inc.
(www.NTOBJECTives.com), an application security company specializing in
next-generation web security scanning. eEye is licensing NTOSpider and
working with NTO on a variety of integration efforts. The byproduct of this
partnership is the Retina Web Security Scanner. The product is eEye branded
and being offered for sale through eEye's global sales force and channel
distribution network.
"We are extremely excited to be working with one of the pioneers in network
security. eEye's leadership in vulnerability research and security
software is well known and we look forward to working with them to
integrate these solutions to improve the ability of enterprises to have a
holistic view of their risk posture," said JD Glaser, CEO, NTO. "Customers
are increasingly concerned with data security because of the more stringent
PCI requirements for the application layer. This partnership allows us to
provide eEye with best-of-breed web application vulnerability assessment
technology and highlight Layer 6 vulnerabilities."
Retina Web Security Scanner identifies application vulnerabilities as well
as site exposure risk, ranks threat priority and indicates site security
posture by vulnerabilities and threat level. It provides complete
remediation recommendations and detailed HTML reports with flexible XML
data. Retina Web Security Scanner automates the process of authentication,
session management, crawling and attacking. Its advanced custom error page
checking also gives it the lowest false positive rate in the industry.
Millions of web applications have been developed in the past two decades.
In addition to commercial eCommerce sites, blogging platforms, online
communities, marketing automation and sales force automation platforms,
there are countless custom-built web applications in existence. Examples of
potential vulnerabilities to these web applications include connection
dependencies to back-end databases that are easily compromised via SQL
Injection attacks; firewall and SSL VPN vulnerabilities related to Port 80
and 443 firewall openings that allow HTTP and HTTPS traffic through;
vulnerabilities caused by cross-site scripting attacks that create
deceptive pop-up windows prompting users for personal information; and a
myriad array of vulnerabilities inherent in custom-coded web applications.
Using signature-based checks for known vulnerabilities is not useful in the
web application space because almost all web applications are different.
Neither is it feasible or cost effective to depend on manual penetration
testing.
Pricing & Availability
Retina Web Security Scanner is now shipping and available for purchase.
List pricing begins at $6,995.
For further information about Retina Web Security Scanner or other security
solutions in the eEye Digital Security integrated threat management suite,
please visit www.eeye.com or contact your local eEye sales representative
or channel partner.
About eEye Digital Security
eEye Digital Security is pioneering a new class of security products: integrated threat
management. This next-generation of security detects vulnerabilities
and threats, prevents intrusions, protects all of an enterprise's key
computing resources, from endpoints to network assets to web sites and web
applications, all while providing a centralized point of security management and network visibility. eEye's research team is consistently
the first to identify new threats in the wild, and our products leverage
that research to deliver on the goal of making network security as easy to
use and reliable as networking itself. Founded in 1998 and headquartered in
Orange County, California, eEye Digital Security protects more than 9,000
corporate and government organizations worldwide, including half of the
Fortune 100. For more information, please visit www.eEye.com.
All trademarks contained within this press release are the sole property of
their respective owners and are hereby acknowledged.
Press Contacts
Agency:
Victor Cruz
MediaPR
1.508.655.4397
email: Email Contact
Corporate, North America:
Stacy Newman
1.949.900.4131
email: Email Contact
