Last updated at Fri, 27 Oct 2023 23:03:25 GMT
This is the fourth and final blog in a four-part series on the vulnerability management reporting capabilities of InsightVM.
In this blog series, we covered three pivotal reports (Executive Report, Compliance, and Top 25). We'd like to close this series by discussing something that isn’t really a report at all. Reports serve their purpose as a communication tool, to pass information from one team to another (like security to IT). What they do not do is promote collaboration or automation. Effective collaboration and automation between IT, security, and development teams, something we at Rapid7 like to call SecOps, is the future of vulnerability remediation.
It is not uncommon that IT and security teams work in silos: The security team finds vulnerabilities, then hands them over to the IT team to fix. As we all know, that’s easier said than done. Priorities are often not communicated correctly, IT teams are overburdened with remediation projects on top of their existing work, and security teams get frustrated when vulnerabilities aren’t fixed fast enough.
Without an automated workflow and complete visibility into the vulnerability remediation process, it’s frustrating for both parties. The solution? Remediation projects in InsightVM.
Remediation projects enable you to follow a vulnerability remediation task from beginning to end inside InsightVM by leveraging the power of automation-assisted patching. Here’s how it works:
Remediating tasks across teams and offices with ease
Regardless of whether your IT and security teams are large or small, or centralized or spread out, remediation projects can bring everyone together and provide visibility throughout the workflow so that no one is left in the dark and projects are completed in due time.
InsightVM makes this process even easier by automatically prioritizing vulnerabilities according to the risk factors that are important to you to ensure you’re always working on the most important tasks and not leaving big vulnerabilities unattended.
You may have decided to prioritize critical exploitable vulnerabilities on all your assets. By creating projects for these vulnerabilities for each of your IT teams, the administrators will quickly see what tasks they need to complete to remediate these risks. For example, when Bob, your Windows administrator, views his project, there will be a pre-populated list of tasks to remediate just the issues on the systems he manages, so he doesn’t need to sort through spreadsheets, emails, and other tools just to understand what actions he needs to take. This makes Bob’s job easier and considerably speeds up the vulnerability remediation process.
Remediation projects also eliminate the back-and-forth email tag between IT and security teams. All the information Bob needs to take action is already inside the project, so all he needs to do is click into it to see all the details and action steps. He can also sort through his tasks based on the number of assets affected, the risk remediated by the solution, or the status of the solution in the project. Even better, the project can be sent to Jira or ServiceNow as a ticket so Bob can work within the same tool where he manages his other work.
Progress can be measured in the remediation dashboard so you can track your most efficient remediators, past-due projects, returning work, and more. You can also download and send a status report for team meetings or monthly metrics presentations using InsightVM’s new Executive Reports. This report lets you communicate how many vulnerabilities were remediated, how much risk has been reduced, and the average time to remediation of different severities of issues.
Vulnerability management on IT’s terms
Of course, your IT team doesn’t want to use yet another product—especially a product designed for security professionals. InsightVM integrates with both ServiceNow and Jira so that tickets can be automatically assigned to the correct person with all the details they will need to take action. This way, the security team can stay within their security tool (InsightVM) to get their work done, and IT can stay within their workflow tool (ServiceNow or Jira).
If your organization doesn’t use ServiceNow or Jira, you can either assign remediation tickets to any email address or you can use InsightVM to directly track your projects and assign them to members of your IT team. With vulnerability remediation baked into IT’s workflow, it becomes easier for everyone to get their part done, remediation happens faster, and teams can finally work cohesively.
Shorten the time to remediation with InsightVM’s remediation projects
With InsightVM, there’s no more corralling vulnerabilities, spending hours researching solutions, or nagging IT for status updates. Like a conveyor belt, remediation projects enable this process to move along smoothly. And because every company does vulnerability remediation differently, remediation projects are built for flexibility. You can set up workflows in any way that helps your organization, from determining which risks to prioritize to how long the team should have to get the work done.