Vulnerability management has stayed pretty much the same for a decade; you identify your devices, launch a monthly scan, and go fix the results. Yet the modern network is no longer simply servers and desktops; remote workers, cloud and virtualization, and mobile devices mean your risk exposure is changing every minute. You need a vulnerability management solution as dynamic as your company, and that means powerful analytics, reporting, and remediation workflows.
We're excited to introduce InsightVM, the evolution of our award-winning Nexpose product, which utilizes the power of the Rapid7 Insight platform, our cloud-based security and data analytics solution.
The Rapid7 Insight cloud, launched in 2015, brings together Rapid7’s library of vulnerability research knowledge from Nexpose, exploit knowledge from Metasploit, global attacker behavior, internet-wide scanning data, exposure analytics, and real-time reporting we call Liveboards. InsightVM uses these secure platform capabilities to provide a fully available, scalable, and efficient way to collect your vulnerability data and turn it into answers. As the first vulnerability management provider that is also a CVE numbering authority, Rapid7 understands your changing network like never before, and with InsightVM helps you better defend against changing adversaries attacker knowledge gathered from the source.
From Find to Fix, Fast with Fresh Data
InsightVM Live Monitoring gathers fresh data, whether via agents or agentless, without the false positives of passive scanning. With InsightVM you will:
- Automatically assess for change in your network, at the moment it happens.
- Confidently understand the risk posed by your entire network footprint, including cloud, virtual, and endpoints.
- Integrate seamlessly with remediation workflow and prioritize what gets fixed and when.
Context to Act, All the Way to the Endpoint
InsightVM spots change as it happens using a library of Threat Exposure Analytics built by our research teams, and automatically prioritizes where to look, so you act confidently at the moment of impact. As the first vulnerability management solution provider that is also a CVE numbering authority Rapid7 provides the vulnerability context to:
- Easily query your data to understand your risk exposure from any perspective, whether you’re a CISO or a sys admin.
- Shift prioritization of vulnerability remediation towards the most important assets within your organization.
- Deploy a lightweight unified endpoint agent to baseline and only sends changes in vulnerability status.
View a Liveboard, Not a Static Dashboard
InsightVM Liveboards are scoreboards showing if you are winning or losing, using live data and accessible analytics so you can visualize, prioritize, assign, and fix your exposures. Use InsightVM to:
- Build reports to communicate with multiple audiences from IT and compliance to the C-suite.
- Gain an instant view on what new vulnerabilities have been discovered and their priority for remediation.
- Quickly choose from a library of ever-expanding cards to build the Liveboard that helps you get the job done faster.
- Check the status of remediation projects across both security and IT.
- Understand how different segments of your network are performing against each other.
Make IT Your Best Friend, and Get to Done
InsightVM translates security speak into the language of IT, hand delivering intuitive context about what needs to be fixed, when, and why. Using InsightVM Remediation Workflow you can:
- Create and manage Remediation Projects.
- Prioritize remediation using our Risk Algorithm.
- Focus on remediating to the solution, not the vulnerability.
- Track projects using both Dynamic and Static projects for full flexibility.
- See the impact of remediation efforts as they happen with live endpoint agents.
- Integrate the workflow with your ticketing user directory.
All the Insight, None of the Headache
InsightVM capabilities are powered by the Rapid7 Insight platform, which provides advanced analytics and reporting without needing to spend time managing additional hardware, architecture, or scale.
Unlike vendors that have attempted to add security later, every design decision and process proposal from the first day was evaluated for the risk it would introduce and security measures necessary to reduce it. Rapid7 constantly strives to safeguard your data while incorporating cutting-edge technologies to more effectively address your needs.
Cloud questions? Read our Cloud Security Overview to learn more about our approach and the conrrols surrounding the Insight platform, and visit our Trust page.