自動化によるInsightVMのパッチの支援のよりInsightVMがどのように修正をおこないましょう。 existing security tools like IBM BigFixや、Microsoft SCCMのような既存のセキュリティチームを活用してどのようにより迅速に、より容易にリスクを低減できるのかご説明します。
With Rapid7 InsightVM, you can leverage automated notifications and workflows to streamline the vulnerability management process and finally put an end to your building backlog. Let's explore how simple remediation can be with Automation-Assisted Patching.Show more Show less
Here, we need to define the trigger. We have two options for automatically triggering a workflow. When an asset matching the criteria is found or updated, or when a vulnerability matching the criteria is found or reassessed. In this case, we'll choose a vulnerability trigger.
This workflow will trigger automatically when this specific Windows SMB remote code execution vulnerability is found for the first time within the Boston site. Next, you'll be presented with the available workflows that can be kicked off automatically. We're going to choose Automation-Assisted Patching with IBM BigFix because these are extremely high criticality vulnerabilities that we want to patch as soon as possible. Here, you can see the steps that make up the workflow. Finally, once you set up the connection to the BigFix system and confirm the trigger scope, the workflow is ready to be activated.
Configured workflows are automatically turned on. But you can disable them at any stage from the workflows page. You can go into the history page to see the status of all automations that have run or are currently running.
Clicking on any of the automation events will give you more details about what's happening in the workflow. We designed the Automation-Assisted Patching workflows to give the user control over when and how patches roll out. Meaning, we don't patch anything without a human giving it the okay. That's why a decision is required to continue running this workflow.
Once a decision is submitted, the workflow finishes running through its steps and a report will be generated summarizing what was remediated.