製品ビデオ

InsightVMによる封じ込めの自動化

InsightVMの封じ込めの自動化が既存のNAC、ファイヤーウォール、EDRツールを活用して、どのように即座に修正が不可能な脅威を封じ込めるのかご説明します。


Video Transcript

The hard truth? We all come across risks that can't be remediated immediately or possibly ever. With Rapid7 InsightVM you can leverage automated workflows to put in place mitigating controls for these vulnerable assets.

Show more Show less

Let's explore how Automated Containment works. Here we need to define the trigger. We have two options for automatically triggering a workflow. When an asset matching the criteria is found or updated or when a vulnerability matching the criteria is found or reassessed. In this case, we'll choose a vulnerability trigger. This workflow will trigger automatically when this specific Windows SMB remote code execution vulnerability is found for the first time within the Boston site.

Next, you'll be presented with the available workflows that can be kicked off automatically. In this example, we'll select the Push Firewall Policy with Palo Alto PAN-OS workflow. This is a very simple workflow that only has one step. It adds an asset to a firewall policy that you've already configured. Next, we'll select a connection with the firewall policy and confirm the Trigger Scope. Once activated the configured workflows are automatically turned on.

By leveraging Automated Containment, we eliminate the gap between when a vulnerability is found and when the risk is mitigated.

InsightVMの自動化機能を無償試用版で確認

30日間の無償試用版で、組み込みのワークフローの自動化について確認しましょう。

無償試用版はこちら