Eyeglass Solutions Publication2
Rapid 7 InsightVM - Integration
Home
Overview
The Rapid 7 integration offers a custom tag to flag a host as Data Attack Surface host. This customer tag allows dashboards to report on the Data Attack surface assets as well as build a custom site scan schedule for hosts that are dynamically discovered by the Superna Data Attack Surface Manager . A Data Attack Surface site is created to schedule scans on high risk hosts with a customer schedule. CVE scan results are fully integrated into the AI prediction model within Superna Data Attack Surface Manager
Video Overview
Integration Architecture
Configuration
- The integration requires API access to the InsightVM, once the integration is completed a new Superna Data Attack Surface site is configured to aggregate data risk score hosts discovered by Superna Data Attack Surface Manager.
- The configuration files require the following information to authenticate to the InsightVM
- # ConfigurationUSERNAME = "XXXX"PASSWORD = "YYY"INSIGHTVM_HOST = "https://X.X.X.X:3780"
- The scheduled scan data retrieval will be automated by DASM to build the AI model training data. The results of the AI model will be published into the Sites list of assets. The schedule scan schedule on the site will ensure that all Data Attack Surface hosts are scanned for vulnerabilities.
- Each new Data Risk Score host will be synced to the Site named Superna Data Attack Surface. In addition these assets will have a custom tag applied called cyberstorage. This allows filtering reports and dynamic assets with the custom tag.
Administration and Operations
- Site Management of the Data Attack Surface
- The Superna Data Attack Surface Site Configuration will look like the screenshot below.
- The assets tab is managed by DASM dynamically using the results of the AI model.
- Dynamic Asset Group based on custom tag
- View Vulnerability Trending of the Data Attack Surface Over time
- Reporting and Analysis of the Data Attack Surface Risks
