BeyondTrust has launched Retina IoT Scanner, a vulnerability scanner to detect IP-based IoT devices on corporate networks. The software is available for free for up to 256 devices. A free cloud version is available to scan unlimited devices.
The IoT scanning capability is also available as a licensed feature in BeyondTrust’s vulnerability management suite.
IoT devices are being deployed in corporate offices for business reasons (for instance, IP-enabled security cameras to monitor the facilities), and by employees who bring consumer devices into the office. But as we learned with BYOD, IT may not be aware that consumer devices are being connected to the corporate network.
BeyondTrust says its IoT scanner will find any IoT device as long as it has an IP address (it won’t find products that connect via other means, such as Bluetooth).
Generally speaking, any vulnerability scanner that works with IPs should be able to pick up IoT devices. The value that BeyondTrust offers is the backend database of consumer and professional-grade devices that it maintains. Such information makes it easier for IT to identify and classify devices to determine whether they should be allowed, and if so, whether there are problems to be remediated.
When the scanner finds an IoT device it will report the device manufacturer, the model, and firmware (if available from a banner or fingerprint).
It will also identify open ports, whether a default password is installed, and whether there are known vulnerabilities associated with the device.
BeyondTrust says it tracks device vulnerability information from multiple sources, including MITRE CVEs. It also tracks vulnerability disclosures from manufacturers that may not use the CVE system.
The Retina IoT Scanner is available now.