Back in the day, I had the pleasure of working in an environment that made heavy use of mainframes. These hulking beasts of yesteryear were workhorses, toting VSAM files hither and thither. One of the treats of the day was the abend. For the uninitiated, IEEE defines abend as the “Termination of a process prior to completion.” The mere utterance of the portmanteau abend meant we had a crisis on our hands. We burned the midnight oil and pored over error messages, containing mysteries rivaled only by the Great Sphinx of Giza. In every situation the team learned a lesson: Abend-by-abend, we learned the limitations of a sturdy, yet rigid solution. We learned the hard way where the sidewalk ended and felt alone.
Back in the present century, I’m relieved fewer and fewer teams have to reckon with the arcane abend. However, the lesson I learned retains relevance: For any system, where does the sidewalk end, and when you find it, what can you do?
Where the sidewalk ends…
Everyday Rapid7’s InsightVM teams work to build tools to help our customers collect their security data at scale, prioritize what matters most and remediate vulnerabilities from their environment. While these three areas are made to be easy to understand, companies, network topology and server and desktop infrastructure come in all different shapes and sizes. The resulting complications can be overwhelming for a security team.
When designing InsightVM, we take these complications into consideration and deliver tooling that extends the value of your vulnerability management solution. Here are just a few examples of how we help you define where the sidewalk ends, so you know where to connect next.
Recently, I shared a blog post on a RESTful API for InsightVM. By giving security teams the power to command and control the Security Console, InsightVM allows you to dictate how the system should behave (not the other way around). The RESTful API is available in all editions of InsightVM.
Bespoke code isn’t for everyone. Security teams may not have the tools nor resources to maintain code. InsightVM also offers a wide variety of technology integrations built to work out-of-the-box.
AWS Asset Synchronization
Security teams can never have enough visibility. When considering dynamic, ephemeral networks such as those powering workloads in AWS, where VMs appear and disappear in a moment, obtaining and maintaining visibility gets harder.
With the AWS Asset Sync discovery connection in InsightVM, security teams gain:
- Visibility to assets that are online, as they appear
- Automated tag imports from infrastructure directly
- Automated cleanup of assets when they are decommissioned.
When coupled with the Insight Agent and the pre-authorized scan engine in the AWS Marketplace, the AWS Asset Sync connection gets you the visibility to the risk in your infrastructure with minimal effort. Read more here.
Incident assignment for ServiceNow and JIRA
It’s hard enough to get visibility into where risk lives in your environment. When a security team has accomplished that, they still have the need to determine the right teams to drive a given remediation.
InsightVM delivers the Remediation Workflow, providing security teams tools to distribute and track remediations within their environment. The Remediation Workflow integrates directly with both ServiceNow and Atlassian JIRA without writing a single line of code. Incidents and tickets are delivered based on configurable rule-based logic, so once remediation owners have been identified, the rules may be used over and over again, saving time and energy.
Read more here.
Credential lookup for CyberArk
One of the best ways to maintain visibility to your environment is through use of authenticated scans. Credentials are some of the most sensitive data an organization can store. Therefore, their protection, rotation and management are often delegated to solutions like those provided by CyberArk.
InsightVM offers built-in connectivity with CyberArk to supply InsightVM scans with securely managed credentials.
Read more here.
Don’t abend, extend
These are just a few examples to illustrate the capabilities that prompted InsightVM’s recognition as a leader in The Forrester Wave™: Vulnerability Risk Management, Q1 2018.