Valentine’s Day is here, and love is in the air. While the rest of the world might be focusing on couplehood and romance in the interpersonal department, we at Rapid7 have a different take on love. For us, love means security. The greater the security offering to an environment, the greater the love. We’d like to take a moment to appreciate how two of our products, InsightVM and InsightAppSec, work together to secure the entire tech stack for our customers.
Love is the highest form of knowledge
Our love story begins by taking the lay of the land to fully understand just what’s at stake when we talk about security. The modern tech environment is made up of a number of components, each requiring its own security considerations.
It’s no longer enough to just scan your corporate network on a quarterly or monthly basis for vulnerabilities on servers and desktops. Security teams must be able to monitor their entire attack surface, including remote assets, cloud platforms, and virtualized and containerized environments. Even more, security teams need to adapt to the dynamic nature of these environments, where new instances of applications and services can be spun up on virtual machines at a moment’s notice. Once vulnerabilities are detected, organizations need to prioritize and remediate them before they can be exploited by attackers.
InsightVM, our vulnerability risk management solution, and InsightAppSec, our dynamic application security testing tool, work together to provide complete visibility into your entire ecosystem.
Love is blind—but you shouldn’t be
It may seem like a stretch, but love at first sight isn’t just for Valentine’s Day. Gaining visibility into your entire ecosystem is the first step to securing it.
First, let’s start by looking at securing your traditional on-premises environment. You need to have full visibility of the new servers being added to your environment. And we’re not just talking about the traditional, physical servers being carted into your building, but also virtualized servers. InsightVM integrates with VMware so that you know when new virtual machines are spun up, enabling you to scan them for vulnerabilities and mitigate risk.
When it comes to workstations and devices, you need to know what assets you have and what they’re doing. Discovery scans in InsightVM help you find long-lost network devices in your environment or ones you didn’t know existed in the first place. You can then leverage DHCP discovery connections to dynamically uncover new assets as they join the network.
Now, let’s talk about securing your cloud environment. InsightVM’s discovery connections extend to Amazon Web Services and Microsoft Azure to help you achieve complete visibility of your more dynamic ecosystem. So, every time a new device is spun up, it is automatically detected and assessed for vulnerabilities. With Cloud Configuration Assessment in InsightVM, you also have a view into the configuration of your assets in your cloud environment to make sure they’re aligning with industry best practices, such as CIS Foundations Benchmarks.
InsightVM also provides container security by integrating with your CI/CD tools, public container repositories, and private repositories to assess container images for vulnerabilities during the build process—before they're deployed. Now, the modern web applications that containers are built for need to be secured as well. And here begins the love affair with InsightAppSec.
With InsightAppSec, you can test your modern applications and APIs using cloud scan engines to uncover vulnerabilities that may be present in your applications. You also have the option of using on-premises scan engines, which give you visibility into potential bugs in your pre-production or internal apps.
As web apps evolve, they become enticing targets for attackers capitalizing on emerging technologies. According to the 2018 Verizon Data Breach Investigations Report, web applications were the most common attack pattern associated with an actual breach in 2017, 2017, and 2018. This means the need for security teams to secure web apps at the pace developers deploy them is only growing more crucial. InsightAppSec was built to secure both traditional web applications and modern web application frameworks. Its Universal Translator analyzes data—such as the output of a name::value pair crawl or traffic captured by a proxy—to normalize that traffic and then attack your application to uncover vulnerabilities. And since we all know communication is key to any good relationship, InsightAppSec can be enhanced by integrating with DevOps tools such as Selenium, Jira, and Jenkins.
The combination of InsightVM and InsightAppSec gives you full visibility into your entire ecosystem. This enables you as a security professional to truly understand the risk that exists in your ecosystem and take action on it. Time means everything in security, and the more quickly you can identify a compromised asset, the more quickly you can remediate it.
InsightVM prioritizes risk in your environment with its Real Risk score, so your team doesn’t have to spend as much time deciding which vulnerabilities need to be elevated. Furthermore, InsightVM helps you remediate vulnerabilities to reduce risk in your environment with integrations to ticketing systems like ServiceNow and Jira, as well as built-in automation workflows for patching.
For vulnerabilities that you can’t remediate right away, InsightVM includes pre-built automated containment workflows that integrate with firewalls to decrease exposure from these vulnerabilities by automatically implementing temporary (or permanent) compensating controls.
Both InsightVM and InsightAppSec have robust reporting capabilities that provide business and technical stakeholders with a powerful and easy way to measure progress. Rich, technical details on vulnerabilities needing remediation are available directly from the reports, reducing the amount of back-and-forth between security and technical teams during remediation efforts. It’s worth calling out that InsightVM offers customizable and interactive Live Dashboards to track progress of your security program. And, InsightAppSec enables developers to leverage Attack Replay to confirm a vulnerability on their own without needing to run a scan. In other words, after developers have implemented a fix for a vulnerability, they can immediately test their work, helping them to quickly close out their tickets and simultaneously reduce application security risk.
Show some love to your entire tech stack this Valentine’s Day by ensuring its security with Rapid7. Get in touch today for a demo of what InsightVM and InsightAppSec can do for you.