The wide impact of the Petya-like ransomware in 2017, mere weeks after WannaCry exploited many of the same vulnerabilities, illustrated the challenge that enterprises have with remediating even major headline-grabbing vulnerabilities, let alone the many vulnerabilities that don’t get news coverage. To this end, Rapid7’s vulnerability management solution InsightVM made strides in 2017 to enable security professionals to better communicate with their IT counterparts, and to more easily fold remediation into existing processes to get things done.

Remediation Workflows

With the launch of InsightVM in April, Remediation Workflows became available for all InsightVM customers. Remediation Workflow allows security teams to create remediation projects live within the product, as well as track their progress to completion; both security teams and remediators get a live view of what needs to be done and when, and can get ahead of potential problems before they arise.

Remediation Dashboard

InsightVM’s Liveboards allow customers to easily create a dashboard focused on what they find most important. In June, we added remediation focused cards and a new Remediation Dashboard template so that customers can easily understand remediation progress, what work is left to be done, and which remediators are struggling and may need more help.

We continue to improve this dashboard view with new cards and analytics, including most recently the New vs. Remediated Vulnerabilities Over Time card:

Ticketing integrations with JIRA and ServiceNow

Creating long PDF reports and lobbing them over to IT leads to miscommunication between IT and security teams, and most importantly, leads to vulnerabilities not getting fixed as fast as they need to. In Q2, we launched in-product integrations with JIRA and ServiceNow so that security teams can fold remediation work seamlessly into their IT teams’ existing processes. Best of all, these integrations are easily configurable and provide full flexibility on the level of detail you want to present in tickets.

Data Warehouse Improvements

In 2016, we launched a new and improved dimensional data warehousing model to make it easier to access your vulnerability management data at scale, no matter the size of your organization. The model lets organization quickly and easily extract large datasets from InsightVM for use in their own enterprise analytics tools. We made this capability even easier to use for remediation planning in November with a new table for remediations in the data model, so that customers can export granular vulnerability data and info on what is and isn't remediated. You can find details on using the data model here.

Interested in learning more? You can find additional details of these capabilities on our help pages, and download a free 30-day trial of InsightVM if you haven’t already. You can also view the previous year in review blogs around our major advances helping customers collect and prioritize information.