Insight VMによる修正管理

Let's dive in headfirst with Remediation Projects. InsightVM's Remediation Projects give you the visibility and information you need through the remediation process to carry tasks through completion and verification. To create a remediation project, we must first establish the identifiers for this set of tasks and determine the scope of the project based on the assets or vulnerabilities that we want to address.

Here, we'll filter by Windows assets that have critical vulnerabilities. Next, we'll assign the project to the appropriate party. If you're handing off the duties to your counterparts in IT for patching, you can control the level of context and detail that's included in the ticket, even if they're not InsightVM users themselves. To ensure that the remediation activities for this project are completed in an appropriate window of time, we'll set a due date two weeks from now. Since InsightVM was built to ease collaboration across teams, you can leverage its integrations with IT's existing ticketing tools like Atlassian Jira or ServiceNow to move tasks along.

In this example, we'll set up automated ticketing through ServiceNow ITSM. In just a few steps, we've created a Remediation Project. From this view, we can not only see where we are in the remediation process, but also the actions that we can take to reduce the most amount of risk in the least amount of steps.

So Remediation Projects help us navigate our processes, but how do we track the effectiveness of our program? This can become challenging when the completion of remediation tasks spans multiple teams and projects. Enter Goals & SLAs. We can create different types of goals, including those based on service level agreements to ensure that we're making measurable progress at an appropriate pace and maintaining compliance. When creating a new goal, we can choose between three goal types depending on what we want to track against: Time Bound, SLA, and Continuous. Time Bound goals help you track risk reduction from a static asset or vulnerability by a specified date. SLA goals track your ability to meet certain policies over a dynamic time span. Continuous goals monitor your progress or adherence with ongoing criteria without strict time limits.

Let's choose a Continuous goal for now. Similarly to the Remediation Project we created earlier, we have to first define the scope of our goal for tracking. To ensure we're adhering to best practices, we want to make sure that we never have any assets in our environment with TLS v1 enabled. For today, let's limit our concern to Windows and Linux assets, and reflect that with the appropriate filter. Now that we've defined the scope, we have to specify the exact criteria we want to comply with. We'll label this goal accordingly, and since it's business critical that we maintain compliance with it, we'll keep tabs on it within our custom dashboard. More on that in a bit. We can choose to delve into this particular goal at any time and see our assets that are both in and out of compliance.

Now we know that vulnerability management isn't always about the day-to-day patching work. To assess the effectiveness of our greater security strategy, we sometimes needs a bird's eye view of the overall health of our environment and the measurable risk reduction in our environment over time. This is where Live Dashboards come in. Live Dashboards offer flexible and highly customizable options so you can get to the information you most need quickly.

Let's start by visualizing the goal that we just created. We can add a card that give you a simplified, easily consumable view of whether or not TLS v1 is enabled in our environment. As you can see, we have some work to do to meet our goal. With a library of over 90 cards, Live Dashboards can be tailored to the needs of your unique environment to give you a more insightful view of how your program is progressing over time.

With that, I hope we've shown you today that Rapid7 InsightVM can enable you to reduce risk quickly and decisively, collaborate efficiently with IT, and make tangible progress that you can share with executive stakeholders. If you want to see how remediation can become a reality for your vulnerability management program, start a free trial at rapid7.com/insightVM. Thank you.