Security Operations & InsightVM

Optimize Your Vulnerability Management Operations

Solution Overview

Being proactive about security entails more than just frequent security assessments of your enterprise assets—it also requires that proper remediation processes are in place to mitigate vulnerability risk. Often times, however, security teams find communicating with their IT counterparts (who are responsible for actually applying remediation steps) a challenge. Sound familiar?

Integrating Rapid7 InsightVM* with ServiceNow Security Operations seamlessly folds InsightVM’s vulnerability data into the dashboards and analytics of your Security Operations modules. Better prioritize and remediate vulnerabilities by tracking remediation progress live and reporting on those that have been successfully patched. That way, you don’t have to hope issues are fixed until the next scan rolls around.

How It Works

Overview of the Integration Process

• Step 1: Rapid7 InsightVM scans your environment to assess the risk posture of the systems within your organization.
• Step 2: InsightVM processes the vulnerability data for each host.
• Step 3: At periodic intervals, the ServiceNow Security Operations connector queries InsightVM for the most up-to-date listing of vulnerabilities.
• Step 4: ServiceNow creates remediation tickets for vulns needing a fix, and closes tickets for those that have been fixed.
• Step 5: Your ServiceNow administrator can then ensure that tickets are assigned to the proper teams for remediation.
• Step 6: With ServiceNow’s next query of InsightVM, you or your team can validate that vulnerabilities marked as fixed have been successfully remediated.

*All mentions of Rapid7 InsightVM associated with its integration with ServiceNow Security Operations also apply to Rapid7 Nexpose.