Gael Frouin, Information Security Officer at a higher education institution, came on board with the difficult task of transforming a bareboned, regulation-focused program to an efficient (yet comprehensive) one. With the help of InsightVM, Rapid7's leading vulnerability risk management solution, Gael and his team can now account for the diversity of devices and assets that hop on and off of the school's network, and complete this work without the tedious back-and-forth communications.
My name is Gael Frouin, and I'm currently the information security officer of a higher education institution that has around 5,000 students, 2000 staff and faculty and contractors and the main goal is to teach anything related to music.Show more Show less
The current security program—it started being built before I arrived and it was really bareboned, regulation oriented. And I transform that into regulation from regulation slash compliance to security by doing first a risk analysis. That risk analysis led to whatever different projects that included intrusion tests that were actually carried by Rapid7 and we use various tools, from SIEM, Security Incident and Event Management to vulnerability management systems. So we use InsightVM as a product to manage all vulnerabilities.
How does InsightVM make your day to day easier?
So I would say the ability to automate. A lot of the scans that are being done are automated. The ability to delegate the responsibility of fixing and following up on those vulnerabilities, now I delegate a lot more to the application owners. At the really beginning when I was running the tool, I was doing the followup, now I can delegate that.
They manage that on their own. I just inform them and follow when I see that there's no evolution, they haven't done their work, then I follow up with them as always. That's really the main feature, is that ability to automate a lot of the things and automate and delegate. We configure a rule and have the ability to act without human intervention. The system acts on that rule or that vulnerability detection. It's a tremendous gain in terms of speed, time to recovery from a misconfiguration, it's a lot faster that way. By the time I notice the incidents, I have time to deal with it. I push it to the right people. They do the work, it's days. With the automation, it's minutes, or a few hours, or thing like that. So that's really the tool that really helps a lot.
Integrating with AWS
Currently we use, as a public cloud provider, we use AWS as the main one. We use some of their server or infrastructure as a service. We also use processing power from AWS API gateway or CloudWatch or things like that. I just today, because again I learned the new capability from InsightVM, I configured it to be able to track the configuration and have an assessment of that configuration from our InsightVM platform, which is such a gain of visibility that I just got and just realized some misconfiguration.
Overall Experience with Rapid7
My Rapid7 experience has been great. I mean I got quality service, quality products. Products that are easy to use and to start with, I don't have a certification in those products. Still, again, fairly good with the current documentation with the way the UI on the product is. I get pretty advanced in them.
We always try to compare different vendors, but right now with the satisfaction that we have, there's not really competition security-wise on those, at least the main products that are being offered.