RedSeal & InsightVM

Visualize Your Network Risk via Vulnerability Attack Paths

Let’s face it: One of the most pressing challenges for modern vulnerability management programs is discerning which vulnerabilities on an endless list pose legitimate risk if not mitigated properly, and which are just noise.

Organizations that integrate the rich vulnerability data from Rapid7’s InsightVM or Nexpose with RedSeal are empowered to clearly visualize their network based risk. Utilizing RedSeal, security analysts can model real world attacks and analyze full attack paths within the network; that information can then be used to prioritize which vulnerabilities pose the greatest threat if successfully exploited. This joint solution enables faster remediation cycles and easier identification of asset-based network threats.

How It Works

An InsightVM* scan is conducted to assess the risk posture of the systems within an organization, with vulnerability results that include a calculated RealRisk™ Score associated with each system. A task in RedSeal is created to query InsightVM on a scheduled basis for the most up-to-date vulnerability information. An XML report is generated via the API to export the results, and the vulnerability data is processed and stored within RedSeal for further analysis.

Figure 1: RedSeal console with vulnerability data

Overview of the Integration Process

• Step 1: InsightVM (or Nexpose) performs a security assessment
• Step 2: A task is created to query InsightVM for latest vulnerabilities
• Step 3: RedSeal calls the InsightVM API for the latest XML report
• Step 4: Vulnerabilities get mapped to the network access context

What You Need

• Rapid7 InsightVM or Rapid7 Nexpose 6.4.47+
• RedSeal 8.4+

*All mentions of Rapid7 InsightVM associated with its integration with RedSeal also apply to Rapid7 Nexpose.