Course Description
Looking to develop a vulnerability management program that’s as live as your network? Geared toward security professionals who have little to no InsightVM experience, this two-day interactive class, led by a Rapid7 Security Consultant, will walk you through some basic to intermediate product features, best security practices, and techniques for scanning various devices within a typical network environment.
For flexible and accessible learning, this course is offered both virtually and on-site at your facility. The virtual class is hosted remotely on a Rapid7 lab and features simulated exercises against multiple scenario-driven target environments. Customers who participate in on-site trainings will apply their learned skills in hands-on scenarios in their own environment.
All participants will have access to the InsightVM Certified Administrator Exam as part of their training program; go from being the student to the master and leverage the knowledge gained from class to become certified.
What You'll Learn
Introduction to InsightVM
- InsightVM Architecture
Installation
- Requirements and best practices
- Installing a scan engine and an agent
Operation
- Setting up comprehensive sites
- Understanding the scan process
- Organizing your assets in Real Context
- Reporting in a variety of formats
- Adjusting Real Risk strategies
Administration
- Managing scan credentials
- Creating custom scan and report templates
Creation
- Projects for full remediation
- Queries for detailed deep dive analysis
- Dashboards for Insight integration
Day 1
Your first day will start with a refresher in the basic concepts and workflow of a standard vulnerability management program. During this session, you will complete a practical walkthrough of the InsightVM graphical user interface then progress to real scanning activities.
- Introduction to InsightVM
- Activating InsightVM
- InsightVM Architecture
- Navigating the User Interface
- Scan Processes and Templates
- Dashboards, Projects & Queries
- Groups and RealContext
- Automated Actions
- Create/Manage Users
Day 2
After mastering your vulnerability management basics, Day 2 will consist of lab and lecture, then conclude with outlying questions that may be specific to your particular environment.
- Planning Your Deployment
- Creating and Pairing Scan Engines
- Installing an Agent
- Credentials and Scanning
- Exception Workflow
- Risk Strategies
- Troubleshooting
- Reporting
- Practice Exam
Prerequisites
Ideally, attendees should have the following:
- Experience with Windows® and Linux Operating Systems
- Basic knowledge of network protocols
- Basic knowledge of cloud infrastructure
- Basic knowledge of IPv4 address spacing
- Knowledge of vulnerability management systems