Last updated at Mon, 01 Apr 2019 13:02:00 GMT
Understanding the vulnerabilities that threaten your business is only half the challenge in security—the other is being able to prioritize and remediate them. Traditionally, security teams would detect issues and throw them over the fence to the IT team to figure out, without a process to communicate or collaborate in a cohesive way. This led to broken team relationships and put businesses at risk.
In the past decade or so, there has been a movement to bring IT and security together in a way that enhances each function and puts a focus on doing the right work that moves companies forward. The collaboration between IT and security strengthens the value of each team, but the integrations between the tools they use play an important role, too.
This is where our integration between InsightVM and ServiceNow Security Operations comes in. Our partnership with the industry-leading enterprise IT cloud company is not new—in fact, InsightVM also integrates with ServiceNow ITSM. This Security Operations (SecOps) integration reflects our commitment to helping companies streamline operations to remediate vulnerabilities faster.
Without further ado, meet our integration and all that it can do for you.
InsightVM + ServiceNow security operations
Our cloud-to-cloud integration enriches data pulled from the Rapid7 InsightVM API to help you determine the impact and priority of vulnerabilities for remediation. Rather than vulnerability tasks being dumped on IT in no particular order or without context, the Rapid7 Vulnerability Integration imports discovery, detection, verification, risk classification, and impact analysis from the scanner to manage risk and remediation.
This helps IT teams automatically prioritize and remediate vulnerabilities. Furthermore, remediation progress can be tracked live and reports can be generated to reflect vulns that are successfully patched. And since this integration is entirely cloud-based, it’s lightweight and easy to configure—no servers required.
This means you as a security team no longer have to wish issues were fixed, and IT teams no longer feel overwhelmed or inadequately informed to make the appropriate patches.
Integration highlights
This entirely cloud-based integration is incredibly easy to set up and use immediately. Below are the main highlights:
- Direct vulnerability imports. Say goodbye to tedious, manual ticketing. InsightVM scan data can import directly into ServiceNow Security Operations for assignment and remediation.
- Better oversight. No more wondering whether a vuln is being fixed. Now, you can gain greater context and visibility into individual vulnerabilities as well as your overall risk posture by tracking progress live and viewing remediation reports.
- Enhanced SecOps collaboration. Gone are the days of IT and security silos. Now you can reduce the time of exposure through data-centric, collaborative efforts between IT operations and security.
- Automation for the win. Maximize the work done by both teams while minimizing effort through an automated, closed-loop workflow.
- Easy deployment. Meet the easiest integration yet! Leveraging the InsightVM API, it’s incredibly easy to get started—no server or complicated steps required.
In action: How the integration works
Once you set up the integration from the ServiceNow marketplace, you’re ready to roll. As Rapid7 InsightVM scans your environment for vulnerabilities, it processes the data for each host, and ServiceNow Security Operations periodically queries it for the most up-to-date listing of vulnerabilities. Security Operations then creates remediation tickets for each vulnerability and closes tickets for those that have been fixed. Your Security Operations administrator can then ensure that tickets are assigned to the proper teams for remediation. Security Operations will continue to query InsightVM on regular intervals to create new tickets for new vulnerabilities and mark existing ones as fixed if they have been successfully remediated.
It’s everything you love about InsightVM packaged into ServiceNow for your IT team to see alongside their other day-to-day work with all the context and urgency passed along so you both always know that the most important tasks are being addressed.
Better together, you can maximize the value from each of these tools when you start using this integration. Existing InsightVM and ServiceNow customers can set up the integration by visiting the ServiceNow marketplace. If you’re not yet a customer, sign up for InsightVM here and ServiceNow here to start taking a complete approach to SecOps.
