In the latest examples of our ongoing commitment to support customers using Amazon Web Services (AWS), we announced today two integrations with the AWS Security Hub for InsightVM, our vulnerability management solution, and InsightConnect, our security orchestration, automation, and response (SOAR) solution.
Security Hub is a new solution that allows AWS customers to aggregate and prioritize security findings from across multiple AWS accounts, various AWS services, and partner solutions including our own InsightVM and InsightConnect products.
In this post, we’ll break down the two AWS Security Hub integrations, how they work, and how customers can benefit from them.
InsightVM + AWS Security Hub = Easily shareable vulnerability information
Many organizations today operate in hybrid environments, which means both their security and DevOps teams need visibility into AWS and their third-party applications to keep their environments protected from exploitable vulnerabilities. Though these vulnerabilities have historically been owned by the security team, companies looking to adopt a DevSecOps approach to vuln management can benefit from a centralized view of their vulnerabilities and overall threat landscape so they can get the visibility they need to take action faster.
With the integration between AWS Security Hub and InsightVM, vulnerability findings related to AWS assets are automatically shared by InsightVM with Security Hub. This ensures your Security, IT and DevOps teams have immediate visibility into the potential risk and attack vectors in your AWS environment and are able to centrally manage the information, even if they do not have access to the InsightVM console.
The added vulnerability context from InsightVM also allows teams to prioritize their security tasks more efficiently and reduce measurable risk in their AWS environment.
Need another reason to leverage InsightVM across your AWS environment? Learn more about our newly released AWS cloud configuration assessment feature here.
InsightConnect + AWS Security Hub = Automated actions
Security programs often are hampered by the inability to act on threats and findings in an easy and efficient way, thereby impacting the productivity of DevSecOps teams. The Security Hub integration with InsightConnect allows customers to automatically share, respond and/or remediate these threats and findings in Security Hub, significantly cutting down the time it takes to act on threats in your AWS environments.
InsightConnect features nearly 300 plugins, which means that a finding in Security Hub can trigger a new DevOps ticket, remediate vulnerabilities through a patch management tool, or contain assets that are deemed to be too risky to operate further without inspection. By sharing Security Hub findings with other systems and triggering automatic actions to specific types of findings, InsightConnect ensures SecDevOps teams have the complete picture without succumbing to alert fatigue. With significant time savings and productivity gains across your cloud security operations, you’ll go from feeling overwhelmed to operating at maximum efficiency in no time.
If you are interested in seeing what these Security Hub integrations look like in person, or want to learn more about how the Rapid7 platform can help secure your AWS environment, join us at AWS re:Inforce, where Rapid7 is a Diamond Sponsor. The event will be held from June 25 to June 26 in Boston. You can find us at booth #219.