eEye Retina Network Security Scanner Earns “Best Buy” from SC Magazine

Five out of five stars in every category for Vulnerability Assessment Group Test

(Irvine, CA) May 13, 2009 — eEye Digital Security (www.eeye.com), a provider of integrated security and threat management solutions today announced that SC Magazine recently reviewed its Retina Network Security Scanner, giving it the highest possible rating of five out of a possible five stars in all categories. In its recent group test of vulnerability assessment products eEye’s Retina was awarded “Best Buy” honors, a distinction reserved for products that SC Magazine Lab rates as “outstanding”.

The May 2009 issue of SC Magazine established that eEye’s Retina Network Security Scanner is “a great value for the money for almost any size environment,” and “provides a lot of great functionality that is easy to use and manage, all at a reasonable price.”

The review stated that the Retina Network Security Scanner is “a quick and simple installation” as well as “comfortable and easy to navigate.” It also calls set-up and configuration of scans “simple and intuitive.”

SC Magazine gave Retina Network Security Scanner five stars in all six categories: Features, Ease of Use, Performance, Documentation, Support and Value for Money.

The Retina Network Security Scanner provides multi-platform vulnerability management. Retina identifies known and zero-day vulnerabilities and provides security risk assessment, enabling security best practices, policy enforcement, and compliance with regulatory audits SOX, HIPAA, GLBA and PCI. Retina is available in three versatile delivery forms including Software, Appliance or Hosted (on demand) versions which makes it especially unique and suitable for any environment

“This report from SC Magazine shows us that our team has succeeded at delivering a product that exceeds expectations in categories across the board and is able to drastically raise the bar in network security,” said eEye CEO Kamal Arafeh. “We're honored to have SC Magazine recognize our Network Security Product with such high regards.”
eEye Digital Security is a provider of integrated security and threat management solutions with an installed base of some 9,000 customers including over one-half of America’s largest corporations as listed on the Fortune 100.

To Purchase eEye Products visit http://www.wideeyesecurity.com

New eEye Blink Server 4 Edition to Secure Application Servers

Integrated Server Protection Platform featuring a Web Application Firewall, Protocol based Intrusion Prevention, and File Tampering Monitoring for Servers

(IRVINE, CA) April 20, 2009 — eEye Digital Security (www.eeye.com), an expert in integrated security and threat-management solutions, today announced the general availability of Blink Server 4, an integrated protection platform for all types of Windows servers and applications.

Blink Server offers complete protection for all mission-critical servers by combining multiple-layers of server security capabilities and leverages an intrusion-prevention engine that protects against zero-day attacks including the most recent threats posed by Conficker. It also provides buffer overflow and patent-pending ActiveX protection.

“The addition of Blink Server helps round-out our product suite, which also features endpoint security and vulnerability assessment," said Chris Silva, eEye's Chief Architect and VP of Products. "We developed the solution based on the needs of our customers to enhance server security and combat threats in real-time as they migrate away from stand-alone anti-virus point solutions and adopt comprehensive endpoint management. When used along side of Blink Professional, Blink Server Edition helps them deploy a unified technology solution to both desktop and server platforms allowing for streamlined management.”

Blink Server 4 includes eEye’s SecureIIS Solution, a Web-Server Application Firewall that meets section 6 of the PCI DSS v1.2 requirements.

Blink Server further meets customer needs by thwarting 100 percent of all remote intrusion attempts on mission-critical servers such as those that host databases, financial, e-mail and Web-facing applications. Blink Server does this by providing a complete protection platform with integrated threat-management capabilities:

# Optimized rules and performance for server communications
# File monitoring for change control and tamper monitoring
# Application and system firewall for application communications control
# Virus and spyware protection
# Protocol-based intrusion prevention
# Vulnerability assessment to meet PCI, HIPAA, SOX, GLB, and FERPA compliance
# Patented system protection featuring Execution and Registry protection and monitoring
# Zero-day attack protection including buffer overflow and patent-pending ActiveX protection
# Configuration management enforcement and reporting

Blink Server 4: Primary Business Benefits:

# Optimizes defenses against viruses, spyware, worms, Trojans, cross-site scripting, SQL injection attacks, e-mail server protection, mis-configurations, and other malicious zero-day exploits through layered security protection
# Provides significant administrative time savings and reduces system resource requirements for memory by consolidating multiple security agents into a single light-weight agent
# Reduces security costs by more than 70 percent by eliminating the licensing and support costs associated with buying and maintaining multiple security solutions
# Offers centralized attack, risk, vulnerability and overall security management in a single Web-based user interface when deployed in combination with REM, eEye’s Security Management Console


To Purchase eEye Products visit http://www.wideeyesecurity.com

eEye Offers Free Utility to Detect Conficker Worm and MS08-067 Patch

Estimates peg 9-12 million computers already infected by earlier strains of Conficker

(Irvine, CA) March 31, 2009 — In response to Conficker, a breed of self-updating worms that is difficult to avoid, Researchers at eEye Digital Security (www.eeye.com) have devised a Conficker detection engine that centers on running a network scan to detect hosts compromised or vulnerable to Conficker. In a proactive measure to protect users, starting today, organizations can download from eEye a free utility that is built around the company’s Retina Network Security Scanner that will detect hosts that are compromised with this latest worm and malicious botnet or do not have MS08-067 applied, the most effective propagation technique that Conficker uses.


The Retina Utility from eEye can be downloaded at:
http://www.eeye.com/html/downloads/other/ConfickerScanner.html

The Conficker worm utilizes a variety of attack vectors to transmit and receive payloads, including: software vulnerabilities (e.g. MS08-067), portable media devices (e.g. USB thumb drives and hard drives), as well as leveraging endpoint weaknesses (e.g. weak passwords on network-enabled systems). The Conficker worm will also spawn remote access backdoors on the system and attempt to download additional malware to further infect the host.

“The Conficker worm represents predictions eEye has been making for years,” said eEye CEO Kamal Arafeh . “Blended threats can take advantage of a missing patch, propagate though a USB key, create a silent but crippling peer-to-peer network, and provide the stealthiest capabilities of a botnet using complex command and control methods. eEye Research has developed solutions to protect against these threats as monolithic entities and when combined, our solutions are very effective in identifying and stopping the propagation of blended threats such as Conficker.”

The Retina Network Security Scanner thwarts network exploits and data loss attacks by analyzing specific pieces of operating systems, applications, and policies. The tool identifies high-risk host components and determines how malware such as the forthcoming Conficker worm can potentially leverage systems for malicious activity due to missing patches, poor configurations, and vulnerabilities.

In addition to the detection of the Conficker worm, eEye Digital Security's Blink Endpoint Protection Platform can effectively protect hosts, even if they are not patched, from the propagation of this worm. Using protocol based IPS analyzers, Blink can detect and stop the malicious traffic associated with MS08-067 and block the worm from self propagating. For installations that are already infected, Blink's multi layer antivirus engine will remove the Conficker worm and provide protection until a permanent remediation is performed on the host.

System Requirements to download eEye Retina Utility for Conficker:
# Operating System: Windows 2000/XP/2003
# Internet Explorer Version 5.01 or higher
# System RAM: 128 MB
# Storage: 20 MB


Related Links & Resources:

The HoneyNet Project:
http://www.honeynet.org/papers/conficker/

Felix Leder and Tillmann Werner Analysis:
http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker

Microsoft Advisory - 967940
http://www.microsoft.com/technet/security/advisory/967940.mspx

Microsoft Malware Protection Center:
http://tinyurl.com/absz6f

Microsoft Security Bulletin MS08-067:
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

SANS - Internet Storm Center:
http://isc.sans.org/diary.html?storyid=5860

Shadowserver Foundation:
http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090212


To Purchase eEye Products visit http://www.wideeyesecurity.com

eEye Awarded 2009 Everything Channel Five-Star Partner Program Guide Certification

eEye Channel Partner program recognized as ‘exceptional’ by leading Channel authority

(Irvine, CA) March 30, 2009 — eEye Digital Security (www.eeye.com), an expert in integrated security and threat-management solutions, today announced it has been recognized by Everything Channel as one of North America’s top information-technology (IT) vendors for its channel partner program.

eEye’s partner program was awarded a Five-Star certification in Everything Channel’s 15th annual 2009 Partner Program Guide (PPG), acknowledging its commitment and strength of its programs for reseller partners which include IT integrators, technology solution providers, and consultants.

A list of PPG winners will appear in the March 30 issue of CRN magazine, the channel industry’s leading publication, and online at www.Channelweb.com, the world’s largest channel industry portal.

Partners stand to gain up to 40% margins by teaming with eEye. Two levels of partnership (Advisor and Expert) provide the opportunity and flexibility needed to participate in the eEye channel program. The value of being an eEye Digital Security Partner lies in the business opportunity to build a highly profitable business with high margins coming from product sales, professional services and managed service offerings.

eEye partner LockNet, Inc., of La Crosse, WI, provides managed security services to 400 customers and supports more than 2,500 end devices. Security services accounts for 45% of its business. Says Jeff Reiter, vice president of finance, “Business has tripled in the last year, largely due to the MSP side of the business, and we’re on pace to double again this year.”

Research for the 2009 Everything Channel Partner Programs Guide and the Everything Channel Five-Star Program was conducted by Everything Channel's Institute for Partner Education & Development (IPED). IPED analyzed 130 vendor programs rating vendors' responses to nearly 60 in-depth questions about their partner programs in the six elements of sales support, marketing support, partner profitability, channel operations, communications and partner recruitment. To ensure fair comparisons, companies were placed in one of four categories based on company size.

IPED weighted the responses to each question about such program elements as sales support and partner recruitment so that the total weight given to a vendor's answers in any of the six elements can potentially be scored as high as 100. The weighting scheme varies depending on the company size and product type and is based on IPED proprietary analysis methodology and intellectual property. In each of the four company categories, the companies with the highest overall weighted scores received the Everything Channel Five-Star Program designation.

“Now more than ever, the quality of a vendor’s partner program determines how profitable its partners will be. So for their commitment to their partners, and their efforts to build quality programs, we congratulate this year’s Five-Star Partner Program Guide winners for helping to drive greater revenue in the channel,” said Robert C. DeMarzo, senior vice president and editorial director, Everything Channel.


To Purchase eEye Products visit http://www.wideeyesecurity.com

eEye Digital Security Offers Unique “Any Means Possible” Penetration Testing Services

eEye Digital Security Offers Unique “Any Means Possible” Penetration Testing Services

eEye extends Research services to include elite penetration testing service that will be available for 25 percent off through April 30, 2009

(Irvine, CA) March 9, 2009 — eEye Digital Security (www.eeye.com) , an expert in integrated security and threat-management solutions, today announced that they have expanded a previously private offering known as AMP, the Any Means Possible penetration testing service. As more and more security companies attempt to offer their version of penetration-testing services, the true value of these services has diminished into little more than standard “scan-and-report” services.

The AMP offering utilizes the expertise and unique skill set of eEye researchers in order to emulate real-world attacks against an organization. This process provides private and public organizations with a real-world defense exercise that allows them to assess their security posture against a well-equipped and advanced attacker team that has targeted their mission-critical data or systems.

eEye Digital Security will be offering its Any Means Possible Penetration Testing Services at 25 percent off the retail price for all purchases made from March 9 through April 30, 2009.

“eEye Research has been performing these engagements for years as part of our private security intelligence service Preview,” said eEye Research Director Andre Derek Protas. “The eEye Research Team has seen the penetration market dwindle down to a simple vulnerability scanning service that operates under a penetration testing name. Most companies understand that they have critical data or systems that, if successfully compromised by an attack team, could result in substantial losses to the company. Our AMP methodology is designed specifically to test the security mechanisms put into place to protect that data by emulating real-world attack scenarios, giving customers actionable data to use for business decisions.”

To Purchase eEye Products visit http://www.wideeyesecurity.com

eEye’s Web Server Protection Voted WindowsSecurity.com Reader’s Choice Award Winner – Second Runner-Up

(Irvine, CA) February 26, 2009 — Leading Windows Security resource site, WindowSecurity.com, announced today that eEye Digital Security’s SecureIIS Web Server Protection was selected second runner-up in the Web Application Security category of the WindowSecurity.com Readers’ Choice Awards.

“Our Readers’ Choice Awards give visitors to our site the opportunity to vote for the products they view as the very best in their respective category,” said Sean Buttigieg, WindowSecurity.com manager. “WindowSecurity.com users are specialists in their field who encounter various network security solutions at the workplace. The award serves as a mark of excellence, providing the ultimate recognition from peers within the industry.”

WindowSecurity.com conducts monthly polls to discover which product is preferred by Network Security administrators in a particular category of third party network security solutions. The awards draw a huge response per category and are based entirely on the visitors’ votes. WindowSecurity.com visitors can submit their votes for the current Readers' Award poll in the site’s left-hand bar.

To Purchase eEye Products visit http://www.wideeyesecurity.com

eEye Announces Industry First Appliance to Manage 200 Blink Security Agents

New product makes integrated security and threat management simple to help maximize organizations limited resources

(Irvine, CA) January 27, 2009 — To address the evolving security landscape, eEye Digital Security (www.eeye.com), an expert in integrated security and threat-management solutions, today announced the availability of the Blink Security Management Appliance 200, the first and only mini appliance designed to deploy and manage up to 200 computer desktops secured by eEye’s Blink Professional security software.

The appliance is ideal for small-to-medium sized businesses looking to meet regulatory compliance and avoid agent overload and the labor intensive task of having to manually configure and set up dedicated servers and databases to manage multiple security agents.

“Considering recent changes in regulatory compliancy, malware specifically designed to disable endpoint security solutions, and the rise in attacks focused on social engineering and PC applications, the need for centralized management, even for the smallest business, is more critical than ever,” said eEye CEO Kamal Arafeh,. “Businesses are concerned with ways to offset the cost of a management server while still providing full functionality for even the most stringent regulatory compliance.”

As a single lightweight client, the Blink 200 delivers integrated multi-layered desktop protection against known exploits, zero-day attacks and all other attack vectors. The Blink 200 enables regulatory compliance in a single form factor solution and is ideal for environments with up to 200 Windows personal computers and for businesses requiring complete, multi-layered, managed endpoint-protection or vulnerability-management using agent-based host technology.

eEye has optimized the Blink 200 appliance with its REM Security Management Console to offer unrivaled threat-management and protection via managed firewalls as well as anti-virus, anti-spyware, host-based intrusion prevention, and vulnerability assessments.

The appliance also combines all licenses, software, and deployment packages into a single solution to offer complete desktop protection as a platform.

eEye Blink Security Management Appliance 200 - Key Features

# Ready for rapid deployment, power on to full protection in 15 minutes
# Fully packaged and configured with Blink Professional Agents
# Features eEye’s SRT (Software Removal Tool) for removal and uninstall of other malfunctioning or undesirable security agents prior to Blink deployment
# Blink Management is performed using eEye’s REM Security Management Console with all the robust features of an enterprise security solution for regulatory compliance, data loss prevention, vulnerability management, and change control
# Completely managed through a web interface and extensible with Backup and Restore functionality for disaster recovery, hardware faults, and change control
# Rapid migration from the Blink 200 to the eEye Security Management Appliance 1505 for organizations experiencing growth
# Headless operations for configuration and management with all embedded licenses, software, and updates provided by eEye

To Purchase eEye Products visit http://www.wideeyesecurity.com

eEye Adds Patent-Pending Protection For ActiveX Attacks

New technology provides solid protection and allows web-based script code to decrypt itself allowing for more powerful attack identification

(Irvine, CA) January 22, 2009 — eEye Digital Security (www.eeye.com), an expert in integrated security and threat-management solutions, today announced the availability of a new, patent-pending technology for protection against ActiveX controls containing zero-day vulnerabilities.

The new technology has been programmed into eEye’s Blink Endpoint Security solution and effectively blocks all threats within ActiveX, the lowest common denominator attack vector for the majority of Internet Explorer exploits.

Traditionally, intrusion protection systems are required to decrypt malicious scripts which is a memory-intensive process and not very effective. With the addition of this new technology from eEye, users are able to allow Web-based script code to decrypt itself in a safe manner and allow Blink to identify attacks at the last possible state prior to a potentially malicious execution. This saves the user from Web-based script code that is designed to maliciously execute ActiveX controls. This occurs by hooking into the ActiveX system itself, which must be called by Web-based script code in order to exploit ActiveX vulnerabilities.

“This methodology has proven to be much more effective than the decryption methods of other intrusion protection vendors,” said Andre Protas, eEye director of Research and Preview Services. “We developed the technology through our R&D team, which constantly analyzes current attack trends to identify the next evolution of threats. While many of these evolutions have small iterations and change rapidly, we typically identify a common denominator that allows us to provide protection against current attacks as well as the next evolution of attacks.”

The eEye ActiveX protection engine within Blink Endpoint Security also contains a heuristic system that analyzes calls to ActiveX controls that may have zero-day vulnerabilities. If a suspicious call is witnessed, the script is automatically blocked and additional action is not necessary by the user to block the attack.

eEye tested the new technology against threats that have emerged from ActiveX controls during the past several years as well as against a database of zero-day ActiveX vulnerabilities. The protection mechanism has proven to be 100-percent effective at blocking remote-code execution.

“This new mechanism is another example of eEye’s overall protection strategy,” added Protas. “Our mission is to provide zero-day protection for the threats of today along with proactive protection from the threats of tomorrow."

To Purchase eEye Products visit http://www.wideeyesecurity.com