- Company (that provides the nominated product / solution / service): Rapid7
- Website: http://www.rapid7.com
- Company size (employees): 1,000 to 4,999
- Country: United States
- Type of solution: Hybrid
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:
Live User Assessment – As the security industry has gotten better at protecting servers and infrastructure, attackers have shifted to targeting users and endpoints. InsightVM uses a universal agent across all Insight Platform solutions that allows customers to see changes to their endpoints in real-time, prioritize activities based on business needs, and merge that information into live dashboards for complete visibility across the environment.
Automated Remediation – Vulnerability remediation can be the most challenging part of a vulnerability management program, with multiple teams and stakeholders having to balance competing priorities and limited resources to get things fixed. InsightVM is the only solution that incorporates malware exposure, exploit exposure, and vulnerability age into prioritizing vulnerabilities, which is then formulated into InsightVM's automated remediation workflow. InsightVM provides remediation projects that allow security teams to automatically work within their existing IT workflow, plan and monitor remediation progress live as it happens, and directly integrate with leading IT ticketing and patch management solutions.
DevOps and SecOps coverage - Infrastructure as a Service (IaaS) is the new network, or at least a critical component in most companies. IT, development, security, and employees are leveraging this new infrastructure, and Security often has little visibility into when devices spin up and what’s on them. Whether organizations use AWS, Azure, VMWare, Containers, or more, InsightVM provides the ability to directly integrate with your IaaS to automatically assess changes in these environments, score them beyond CVE, and translate that risk into live dashboards that provide remediation workflow with a click of the mouse.
10 years ago, vulnerability management was simple: you count your servers and desktops, enter them into a scanner, and scan them once a quarter with little changes. However, modern networks have drastically changed. Thanks to virtualization and cloud services, networks change every minute of every day, and attackers have grown smarter, exploiting an ever-growing range of vulnerabilities. InsightVM allows users to automatically assess their modern infrastructure, from cloud and virtual services to remote workers and containers. Our unique scoring algorithm goes beyond CVSS to incorporate exploitability, malware exposure, and vulnerability age to give users an attacker’s viewpoint of their environment, prioritizing the vulnerabilities most likely to be used in an attack while incorporating business context and live threat feeds from proprietary and public sources.
All of this information is brought together in our Live Boards, live dashboards that let users create custom queries and views for any member of the security team, from a sysadmin who only wants to see their specific assets to a CISO who wants a holistic view comparing business units.
Of course, all of this information does little good if security teams can’t actually go in and fix their vulnerabilities efficiently. Typically, once security runs a scan and sends out remediation reports, they don’t really know if things are actually fixed until the next scan is run, and the IT team has to work outside of their usual processes to fix vulnerabilities. With Remediation Projects, InsightVM gives security teams live visibility into remediation progress so they can realign resources and strategy if needed. Best of all, they integrate directly with IT’s ticketing systems, seamlessly folding remediation into IT’s daily process.