Summer has come to an end. The backyard barbecues are behind us, the hot dogs have all been eaten, and we're all gearing up for some awesome autumn leaf peeping. But before we fall into another season (see what we did there?), we wanted to take a moment to look back on all of the improvements we've made to InsightAppSec and tCell over the last 3 months.
At Rapid7, we're obsessed with making your lives easier, so it's no surprise that most of our biggest improvements to the platform help our customers do more in less time and with less stress. We took a look at authentication, validation, remediation, and auditing. We've punched up our tCell API capabilities, and we've rolled these out this summer to give you more time to focus on the important work of securing your applications (and hopefully having a few well-deserved drinks with those little umbrellas in them). In short, we worked hard all summer so that you can sleep easier this fall.
So, let's make like a backyard pool and dive in.
Here are the most noteworthy updates we made to InsightAppSec in Q3:
Most modern web applications and APIs leverage credentials to improve security. That's great! But for the security professional doing scan after scan day in and day out to find vulnerabilities, this could mean constant toggling back and forth to put in the right credentials on the right screens at the right times to make sure the scans run properly.
No more! We've automated authentication, streamlining the entire configuration process. When you run a new application scan, the authentication page has the automated option as default, saving you and your team tons of time and confusion. You always have the option to create macros, but once you see how smooth the automated process is now, we doubt you'll ever go back.
We've added a new capability that allows security teams to scan for previously discovered vulnerabilities and be sure they've been remediated. Prior to this update, security teams had to open individual vulnerabilities, manually run an attack replay, and if the vuln was remediated, mark it that way. With our new validation scanning feature, you can target all vulnerabilities within a scan and see if they have been remediated or not. It targets existing vulnerabilities and tells your team whether you are good to go.
No more running attack replays for each vulnerability — now, you can check that the work was done in bulk, saving your team time and probably more than a few headaches. What's more, it can help you identify other unknown vulnerabilities that may have been introduced between full scans.
Not all vulnerabilities are created equal, and knowing which ones to prioritize remediating first is an important part of a security team's workflow. InsightAppSec now supports CVSS 3.1 to give security teams the granularity and context they need to properly triage and prioritize app vulnerabilities.
This industry standard will help you understand which vulns to patch first and which ones can wait, even if they have the same level of severity within the InsightAppSec platform scan. The deeper you can dive into the nature of the vulnerability, the safer your application will ultimately be.
Platform auditing comes to InsightAppSec
If you're one of the thousands of companies that use more than one Rapid7 product — first of all, thanks — we've created a centralized auditing platform that works across multiple R7 solutions. This makes it easier to investigate user activities or share activity with auditors as you meet your compliance obligations.
In other words, we're making your auditing of tasks easier. InsightAppSec sends audit logs directly to the Insight platform, recording events related to applications, targets, scan configurations, and files.
Now, let's roll the highlight reel of our Q3 updates to tCell:
Sending events through the Insight Collector
Not every organization has the same security requirements, and for those that are using tCell, that can mean needing a single outbound connection from their environment into the Insight platform. Now you can send those events through the Insight Collector, which acts as a proxy and consolidates them into one stream of data, replacing multiple outbound streams and reducing the number of exposed connections.
Improving the API experience
Getting the right information to the right place at the right time is key to maintaining a strong security infrastructure. We've improved tCell's API to set alert preferences and allow alerts to be sent to other platforms like Slack. For organizations with multiple security teams working in tandem, this can help keep everyone on the same page and ensure that the right alerts are seen by the right people.
But that's not the only improvement we've made to tCell's API. Customers can now configure and copy policies. Those tasks can be automated at scale, so no need to manually update via the UI.
These are just a few of the improvements we've made to InsightAppSec and tCell over the last few months and we promise there are even more on the way this fall. If you'd like to learn more about our automated authentication feature, we've got a handy blog post for you here.
Now go and grab a pumpkin-spiced latte — you've earned it.