eEye Digital Security Redefines Vulnerability Management with the Introduction of REM 3.0
Monday, 5 December 2005 12:41 EST



Risk Management Solution for the Enterprise Delivers Unprecedented Visibility and Control

ALISO VIEJO, Calif. Dec. 5, 2005--eEye Digital Security(R), a leading developer of network security and vulnerability management software solutions, as well as the industry's foremost contributor to security research and education, today announced the introduction of the REM(TM) 3.0 Security Management console. REM 3.0 raises the bar for security management by enabling enterprises to quantify and evaluate their security posture using a single console, create and enforce security policies, and deliver an extensible "business process" view for risk management. REM 3.0 gives enterprises the ability to assess and manage vulnerabilities at a granular level never before achieved; allowing IT to evaluate potential security issues at an event, asset or process level and take action immediately across their entire network.


"With over 40,000 machines to manage around the world, I need a solution that allows me to evaluate the risks in my network at both the macro and micro level," said Andre Gold, director of Information Security at Continental Airlines. "REM 3.0 enables me to manage my organization's risk in terms of specific assets as opposed to a series of events, allowing me to view the security posture of the entire network at a glance or the history of an individual laptop from a single console."

"Today's IT professionals are facing an overwhelming number of network vulnerabilities, intrusion attempts and policy violations," said Ross Brown, chief operating officer at eEye. "Our FORTUNE 500 customers have made it clear that they don't have the time or resources to deal with a dozen different consoles, each of which are providing a different 'slice' of the network. REM 3.0 offers a single point of visibility which allows security teams to efficiently collect and analyze data in order to identify risk in a meaningful way and enact solutions before vulnerabilities, threats, and other security issues can impact an organization's productivity."

REM 3.0 is a key component of eEye's expanded Enterprise Risk Management Suite, which also includes Retina(R), the industry's leading network vulnerability scanner, and Blink(R), the most powerful and comprehensive endpoint security software product on the market today. Together, these software products provide an end-to-end solution for global enterprises that need to simplify the management of distributed, complex infrastructure while protecting their mission-critical assets from evolving threats.

"In order to optimize operational efficiency, enterprises should consider solutions that consolidate vulnerability assessment tools within a single product offering, as this convergence of functionality allows IT professionals to assess their enterprises' security posture in a streamlined fashion," stated Loren Rudd, Frost & Sullivan's research analyst for vulnerability management. "At the end of the day, enterprises are managing assets and with REM 3.0, eEye delivers a unique, asset-driven approach to the marketplace that provides a comprehensive view of risk within a complex infrastructure that also allows for granular detail."

The REM 3.0 Security Management Console emphasizes four management areas: comprehensive risk, information, application and remediation automation.

Comprehensive Risk Management

REM 3.0 is unique in its ability to deliver an overarching view of an enterprise's security posture in a single view, while simultaneously providing granular data on individual machines. By providing metrics and graphical representations of multiple factors that contribute to risk (including vulnerabilities, attacks, attack surface and machine criticality), REM 3.0's portal immediately illustrates where potential problems lie within an enterprise on several different levels. The risk views are completely customizable by the enterprise, allowing calculations to be made according to internal policies and objectives across segments of the network. Leveraging eEye's Retina(R) and Blink(R) solutions, REM 3.0's console also delivers information on the progress of remediation activities, providing a predictive indicator on where to focus IT and security resources.

Information Management

A new asset-driven design that aggregates data based on individual machines rather than just events allows users to view and manage security data on a machine-level basis, with values defined by IT. This provides a more comprehensive and contextual view of a network. Additionally, the underlying searchable database structure has been expanded to ensure speed, accuracy and scalability of information flows, to deliver real-time views into assets as well as any associated vulnerabilities and attacks. Rules and tasks can be automated to assist in streamlining operations and increasing efficiency.

Application Management

REM 3.0 has been updated to provide central policy support for both Retina(R) and Blink(R) environments, allowing users to manage all eEye products from a single interface. Retina(R) scan characteristics and jobs can be created and edited, while Blink(R) deployments can be managed by workgroup or policy.

The result is a comprehensive policy enforcement that allows IT to control, view, isolate and remediate any machine on the network, anywhere in the world.

Remediation Automation & Management

As a natural complement to REM's existing vulnerability management workflow capabilities, its patch automation integration allows for the correlation of information from distributed Retina(R) scanners with agent or network-based patch automation vendors. This feature provides a 'closed loop' on vulnerability management within one unified interface, and offers automation triggered by rules. This enables IT to consolidate its remediation functions and get them done more quickly in order to eliminate the window between patch and worm.

For more information about REM 3.0 Security Management Console, please visit: www.eeye.com/rem.

About eEye Digital Security

eEye Digital Security is a leading developer of network security software, and the foremost contributor to security research and education. eEye's award-winning software products provide a complete vulnerability management solution that addresses the full lifecycle of security threats: before, during and after attacks. eEye's customers, Citigroup and the U.S. Department of Defense, represent the largest deployments of vulnerability assessment and prevention technology in the private and public sector. eEye protects the networks and digital assets of more than 9,500 corporate and government deployments worldwide, including Avon, Continental Airlines, Dow Jones, Prudential, University of Miami, Viacom, Vodafone, Warner Music and Wyeth. Founded in 1998, eEye Digital Security is a privately held, venture-backed firm with headquarters in Orange County, California. For more information, please go to www.eEye.com.