eeye and vmware present: close your virtual app security gap

eEye Digital Security 1.866.339.3732 www.eEye.com [email protected]

Close Your Virtual App Security Gap

Presented by: eEye & VMware

November 3, 2011

eEye Digital Security 1.866.339.3732 www.eEye.com #eEyeThinApp 2 2

Webinar Contest – Motorola Xoom Tablet

Join today’s conversation

by using the hashtag -

#eEyeThinApp

Ask a question in the

GoToWebinar

interface

eEye Digital Security 1.866.339.3732 www.eEye.com #eEyeThinApp 3

Agenda

Quick Company Introductions

Retina & ThinApp Overview

Virtualization Trends

Security Management Challenges & Solutions

ThinApp & Retina Integration

Q&A


eEye at a Glance

Industry Pioneers

Leaders in IT security since 1998

Developed one of the first vulnerability

scanners

Growing and profitable

Thought Leaders

World-renowned security research team

Trusted advisors to organizations across

diverse industries and sizes

Security Experts

Seasoned security professionals

Thousands of customers

The largest VM installations in the world

Award-Winning Solutions

Recognized product leadership

Securing companies of all sizes

Unparalleled services and support

VMware is the Customer-Proven Market Leader

Company Overview $2.9 billion in 2010 revenues

Over $3 billion in cash

28%+ operating margins

~9,000 employees worldwide

5th largest infrastructure software

company in the world

Proven in the Trenches 250,000+ VMware customers

100% of Fortune 100

100% of Fortune Global 100

99% of Fortune 1000

97% of Fortune Global 500


Retina: Reducing IT Security Risk

“Retina provides a solid feature set with

easy-to-use scanning controls. It’s an

excellent vulnerability scanner at a good

price. This one gets our Best Buy.”

“eEye’s security research team continues

to provide good Windows vulnerability

coverage and mitigation advice for zero-

day vulnerabilities.”

“Retina has many desirable features…and

an extremely flexible reporting portal. The

product is also attractively priced.”

“…high marks from readers for its breadth

of applications and devices. The

vulnerability management product also

scored well for effectively and accurately

identifying vulnerabilities in a timely

manner and its scalability.”

The Industry Experts Say… Problem: With the recent influx of costly high-

profile hacks and attacks, effective IT

security risk management is a concern

for organizations of all sizes.

Symptoms: Attack vectors and exploits

Compliance requirements

Virtual and cloud environments

Mobile computing

Social networks

Solution: eEye Retina Only vulnerability management solution

for centralized vulnerability and

compliance management - integrating

risk discovery, prioritization,

remediation, and reporting for

physical, virtual and mobile assets.


Problem:

Tightly coupled relationships between OS,

Applications and Data

Symptoms:

Application Conflicts

Complex Compatibility Test Matrices

Diminished Time to Deployment

Loss of User Productivity

Increased helpdesk support calls

Solution: VMware ThinApp

Agentless application virtualization

decouples applications & data from the OS

ThinApp: Creating Conflict Free Desktops

2009 Reader’s Choice Award

2010 Best product in category

www.virtualizationreview.com


Virtualization & Vulnerability Trends

Vulnerability management for virtualized applications

is critical to the overall security of an organization…

More than 80% of enterprises now have a virtualization

program or project.*

Increases in virtual programs equals an increase in the number

of applications that are virtualized.

The number and severity of vulnerabilities is increasing…

2010 had the largest number of vulnerability disclosures in

history—8,562. This is a 27 percent increase over 2009.**

The vast majority of vulnerability disclosures are rated medium

(60 percent) or high (33 percent) severity based on CVSS

methodology.**

* Gartner Virtualization Reality Report

** IBM X-Force 2010 Trend and Risk Report

Why Virtualize?

Reduced operating and capital costs

Improved utilization of computing resources

Greater IT staff productivity


Challenge: Why is it Difficult to Scan Virtual Apps?

Windows

Operating System

ThinApp

Compressed Container (EXE)

Virtual OS (VOS)

Application

Registry Access

File Access

Virtual

Registry

Virtual

File System

Physical

Registry

Physical

File System

Sandbox

ThinApp

Architecture

Vulnerability management for

virtualized apps is a challenge

because it is difficult to…

Detect and scan virtual apps

when the apps are not

executing.

Identify where virtual apps

have been executed across

the enterprise.

Identify the vulnerabilities

associated with the

packaged applications.


Solution: How to Scan and Secure Virtual Apps

Windows

Operating System

ThinApp

Compressed Container (EXE)

Virtual OS (VOS)

Application

Registry Access

File Access

Virtual

Registry

Virtual

File System

Physical

Registry

Physical

File System

Sandbox

RETINA Network

Reduce risk by ensuring ThinApp

applications are properly

discovered and are part of

standard vulnerability

management processes.

Increase visibility and automate

vulnerability assessment for

ThinApp packages.

Decrease time, effort, and cost

associated with the discovery and

remediation of vulnerabilities

within ThinApp applications.

RETINA CS

Retina is the first and only

solution to provide vulnerability

management for applications

virtualized with VMware’s

ThinApp Technology to:


Scan VMware ThinApp Packages

Scan an enterprise and detect where ThinApp applications

have been executed to provide centralized reporting over

ThinApp packages.


Remediation Guidance

Step by step guidance to remediate vulnerabilities.

13 13

Create Custom Audits

In addition to extensive built-in audits, users can also create

custom audits to detect vulnerabilities in custom or unique

applications.

eEye Digital Security 1.866.339.3732 www.eEye.com #eEyeThinApp

14 14

Securing VMware Virtual Environments

Vulnerability Scan & Management Ongoing Config Assessment &

Analysis

Hypervisors VMware VMware ESX

Applications Apps virtualized with VMware ThinApp

technology

NEW: Retina provides the industry’s first vulnerability management solution

for VMware’s ThinApp technology.

NEW: eEye is the first vulnerability vendor to support VMware ESX

configuration assessment within its unified scan engine, Retina.

- With the built-in Retina OVAL certified SCAP engine, customers can use

industry or custom benchmarks for their virtual servers to provide

ongoing configuration assessment and analysis.

Retina can scan hypervisors and virtualized machines.



What We Covered Today

Benefits of ThinApp

Streamline application mobility

Eliminate application conflicts

Minimize costly recoding and

regression testing

Streamline application

management

Reduce IT support and

helpdesk costs

Strengthen endpoint security

Increase workforce mobility

Integrates with existing

management platforms

Benefits of Retina Integration

Reduce risk by ensuring ThinApp

applications are properly discovered

and are part of standard

vulnerability management

processes.

Increase visibility and automate

vulnerability assessment for

ThinApp packages.

Secure the entire virtual

environment from hypervisors and

virtual machines to virtual apps.

Improve security with ESX

configuration assessment.


Let’s Go to the Questions

Free Resources: eEye’s Tradition of Supporting the IT Security Community

Retina CS Community: http://www.eeye.com/CSCommunity

Vulnerability Experts Forum: www.eeye.com/vef

Zero-Day Tracker: www.eeye.com/zdt

Keeping Up with eEye and VMware

eEye Twitter:

www.twitter.com/eeye

eEye Blog:

http://blog.eeye.com

VMware Twitter:

www.twitter.com/vmware

ThinApp Twitter:

http://twitter.com/thinappguru

http://www.eeye.com/CSCommunity

http://www.eeye.com/vef

http://www.eeye.com/zdt

http://www.twitter.com/eeye

http://blog.eeye.com/

http://www.twitter.com/vmware

http://twitter.com/thinappguru


VMware ThinApp Resources

View

Community Demo

ThinApp Product Homepage – 60 days eval download http://www.vmware.com/products/thinapp/

ThinApp Blogs http://blogs.vmware.com/thinapp/

ThinApp Community http://communities.vmware.com/community/vmtn/entdesk/thinapp/

http://www.vmware.com/products/thinapp/

http://blogs.vmware.com/thinapp/

http://communities.vmware.com/community/vmtn/entdesk/thinapp/

Thank You!
