CVSS3 base score: 10 (High)
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVSS2 base score: 9.3 (High)
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
2022 began on a solemn note: many organizations across the globe were still recovering from the Log4Shell zero-day vulnerability. For the InsightVM and Nexpose team, 2022 began with a lot of introspection on how we can add more value and keep meeting our customers' needs in the best possible ways. This means we continue to prioritize what really matters, even if it means making some hard decisions, and further improve communication with our customers.
Over the course of 2022, we launched many new features and improvements, some highly anticipated, many customer-requested. Log4j was difficult, but we learned from it how to be quicker and better with our emergent threat response. Rapid7 recently refreshed our coordinated vulnerability disclosure (CVD) policy and philosophy. As we ran into more unusual kinds of vulnerabilities, we learned that we couldn't treat them all as equal and that our CVD approach needed to be more agile. So we came up with six classes of vulnerabilities (and a meta-classification of "more than one") and some broad strokes of what we intend to accomplish with our CVD for each of them.
We reimagined many of our internal processes and teams to drive better customer outcomes. For instance, we are making a significant investment in re-architecting the InsightVM/Nexpose database to ensure VM programs scale with customers' evolving IT environments.
Here’s a snapshot of 2022 in InsightVM:
Agent-based policy assessment
A robust vulnerability management program should assess IT assets for misconfigurations along with vulnerabilities. That's why we were thrilled to introduce Agent-Based Policy in InsightVM. Customers can now use Insight Agents to conduct configuration assessments of IT assets against widely used industry benchmarks from the Center for Internet Security (CIS) and the U.S. Defense Information Systems Agency (DISA), without needing a credentialed network scan to reach the host, to help prevent breaches and demonstrate compliance.
Remediation Project improvements
Remediation Projects help security teams collaborate and track progress of remediation work (often assigned to their IT ops counterparts). Here are our favorite updates:
Scan Assistant
Scan Assistant provides an alternative to traditional credentialed scanning. Instead of an account-based credential (typically a privileged account whose password must be stored in the console and accepted by every target), it authenticates the Scan Engine to a lightweight service on the host with a digital certificate. This removes a reusable privileged password from the scanning path, which both increases security and simplifies administration of authenticated scans.
Dashboards and reports
Customers like to use dashboards to visualize the impact of a specific vulnerability or vulnerabilities to their environment, and we made quite a few updates in that area:
Agent improvements for virtual desktops
The pandemic fueled remote work, and with it the use of virtual desktops. InsightVM can now identify agent-based assets that are Citrix VDI instances and correlate them to the user, enabling more accurate asset/instance tagging. This creates a smooth, streamlined experience for organizations that deploy and scan Citrix VDIs. Expect similar improvements for VMware Horizon VDIs in 2023.
Improved support
A new, opt-in feature eliminates the need for customers to attach logs to support cases or send logs manually, making the support process faster and more intuitive.
In 2022, we added support for enterprise systems like Windows Server 2022, AlmaLinux, VMware Horizon (server and client), and more to the recurring coverage list. Learn about the systems with recurring coverage.
Rapid7’s Emergent Threat Response (ETR) program is part of an ongoing process to deliver fast, expert analysis alongside first-rate security content for the highest-priority security threats. This year we flagged a number of critical vulnerabilities. To list a few:
That's not all. We added over 21,000 new checks across close to 9,000 CVEs to help customers understand their risk better and thus improve their security posture.
Check out our past blogs - Q1, Q2, and Q3 - to get more information on product improvements and key vulnerability coverages.
This past year, we had the privilege to share stories of how our customers are using InsightVM to secure their environments. Check out how your peers are leveraging InsightVM. Here's what one customer had to say:
For customers looking to improve their utilization of the vulnerability management tool, check out this webcast series that covers the different phases of the VM lifecycle: Discovery, Analyze, Communicate, and Remediate. Lastly, customers can always leverage Rapid7 Academy to participate in workshops and training to continue their learning journey.
We will maintain this customer-centricity in 2023 as we continue to deliver features and improvements in customers' best interests. We will be holding a webinar on January 24 around configuration assessment with InsightVM agent-based policy. And, as always, be on the lookout for our annual vulnerability intelligence report, coming soon to a Q1 near you (here's last year's)!