Infinigate - Rapid7 - Wat is vulnerability management en waarom heeft mijn klant dit nodig

Rapid7

Detect Threats. Respond with Confidence.

The IT environments are becoming increasingly complex. Numerous endpoints, devices & applications are used within companies. Every year, the amount of data grows enormously, attacks become more sophisticated and the optimisation of IT becomes increasingly difficult. This makes it necessary to have insight into the entire network.

What is vulnerability management and why does my customer need it?

Almost every day, you can read in the news about data breaches and other IT-related incidents at all kinds of companies. Such incidents are usually the (in)direct result of a lack of grip and insight into the security and configuration of the IT infrastructure. An accident can happen at any time, and sometimes the use of an old software version or accidentally leaving a server port open can pose a major risk.

These days, new vulnerabilities are constantly being discovered in systems and applications. Some companies therefore carry out a voluntary or compliance-mandated periodic "pen test" to evaluate the resilience of their IT infrastructure. However, this is only a snapshot: today's results may have a different priority tomorrow due to a change in the IT landscape.

With a Vulnerability Management solution such as Rapid7 InsightVM, networks, servers, endpoints and cloud environments can be continuously scanned and monitored for technical vulnerabilities. Gaining insight into these vulnerabilities is essential, but prioritising and resolving vulnerabilities is just as important.

After all, all IT environments have vulnerabilities, so it is very important to be able to determine which vulnerabilities are most important and what actions need to be taken to resolve them. Most large companies have had a Vulnerability Management program for years, but at Infinigate we see that more and more companies in the SMB and mid-market have a need for insight into and control over technical vulnerabilities. Below is an overview of the most important software vendors in this area:

According to Forrester Research, there are therefore 12 notable players in the field of vulnerability management, of which Rapid7, Tenable and Qualys have the most dominant position. Although the usability, accuracy and integration possibilities are different for each solution, these solutions offer similar functionality: the visibility of technical vulnerabilities in an IT environment. However, compared to manufacturers, Rapid7 has a unique position because of its previously mentioned Insight Platform, which allows the deployment and management of InsightVM to be combined with other relevant security technologies such as SIEM (InsightIDR) and Application Security Testing (InsightAppSec).

Collect » Prioritize » Remediate

Rapid7 InsightVM enables real-time scanning and analysis of networks, endpoints and cloud environments to discover vulnerabilities. This is possible by means of scan engines and agents. A scan engine is a (virtual) machine in your network that automatically starts scanning a scope of IP addresses. The Rapid7 Insight Agent is a light-weight agent for Windows, Mac and Linux which monitors the environment variables of the endpoint or server on which the agent is installed. Based on the collected vulnerability data, Rapid7 then automatically prioritises the found vulnerabilities.

The standard within the IT Security industry to define the severity of a vulnerability is CVSS: Common Vulnerability Scoring System. Rapid7 uses this information, but also enriches it with contextual data and information from Metasploit, the most widely used pen testing framework in the world, to discover how many exploit kits are available for a specific vulnerability. This makes it possible to determine at a very detailed level how important a vulnerability is to the organisation and which vulnerabilities should be fixed first to eliminate as many risks as possible. To resolve vulnerabilities,

Rapid7 InsightVM can help in several ways. For example, you can generate automated PDF reports with the top 10 vulnerabilities that need to be fixed and the actions that need to be taken, you can use automated assistant patching to prepare patches in patch management tools such as IBM BigFix and Microsoft SSCM, and you can start projects with role-based access to fix vulnerabilities. Rapid7's vulnerability management solution is packed with useful features to proactively manage the security of computers, servers and other network infrastructure.

We are happy to schedule an appointment with you to discuss how Rapid7 InsightVM can help you as a reseller to provide your customers with insight and control over vulnerabilities in their network. The video below provides a brief introduction to Rapid7 InsightVM. Would you like to know more? Then please contact us.

For more information, please contact us

sales@infinigate.be/nl

+32 1548 0233

Contact now