by Brianna Crandall — January 23, 2017 — BeyondTrust, a global cybersecurity company dedicated to preventing privilege misuse and stopping unauthorized access, last week announced the new Retina IoT Scanner. Powered by Retina, BeyondTrust’s award-winning vulnerability management solution, and delivered by BeyondTrust’s cloud interface, RIoT gives organizations an attacker’s view of their Internet of Things (IoT) risk across the entire perimeter.
With estimates of 200 billion connected devices being in use by 2020, these devices represent a significant, vulnerable attack surface, says BeyondTrust. In addition, IoT devices have recently come under siege from a new breed of malware, most notably Mirai. As most IoT devices, by design, follow a “set it and forget it” philosophy, they generally operate unmanaged, and mostly unknown, notes the company. They typically lack any built-in security or mechanisms for programmatically making device-level changes, all of which are said to make them a significant vulnerability on the network.
With the IoT Scanner, BeyondTrust says enterprises can easily:
- Pinpoint the make and model of a particular IoT device and identify high-risk IoT devices with an easy-to-use interface;
- Safely check for default and hard-coded credentials used with Telnet, SSH, or basic HTTP authentication;
- Generate clear IoT vulnerability reports and remediation guidance; and
- Run free enterprise-grade cloud-based scans with nothing to purchase, install or maintain.
Brad Hibbert, chief technology officer, BeyondTrust, pointed out:
Because IoT devices are connected to the wild, and to each other, not only are they vulnerable to attack, but the data that they produce and the applications that support them are also potential attack vectors. RIoT and our associated audits enable organizations to keep their IoT devices from getting out of control, by quickly identifying them, determining which ones pose the greatest risk, and providing guidance to prevent them from being compromised.
The Retina IoT Scanner is available immediately for free download, and is available for BeyondSaaS (Retina cloud-based vulnerability assessment), and Retina CS and Retina Network Security Scanner customers via the BeyondTrust customer portal.