Network vulnerability assessments often overwhelm organizations with too many “high” and “critical” results. Compounding this problem is the sheer number of new vulnerabilities that surface each year and the large number of assets that need patching. Add to this the fact that many organizations are still running legacy systems whose vulnerabilities do not have patches. And finally, it is not easy to know whether all network devices were actually scanned.
RedSeal and Rapid7 have teamed up to add network context to InsightVM’s vulnerability prioritization. RedSeal looks at three factors to refine InsightVM’s initial prioritization:
First, it determines if a vulnerable host can be exploited from an untrusted network. Second, it determines if the vulnerable host can reach and potentially exploit downstream assets. And, third, it factors in the criticality of the assets in question. If access is permitted and assets are of high value, the priority increases. On the other hand, if layered defenses are preventing access and the hosts are not high value, the priority is reduced.
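To make the three factors concrete, the following is an added illustrative model, not RedSeal's or Rapid7's code; the network, criticality values, base scores and weights are all constructed assumptions. A breadth-first search over permitted access paths decides whether a vulnerable host is exposed from the untrusted zone and which high-value assets it could reach downstream, and those findings adjust the scanner's base score up or down.

```python
from collections import deque

# Constructed sample network. Each directed edge is an access path that the
# layered defenses (firewall rules, ACLs) actually permit; "internet" is the
# untrusted zone. All names, scores and weights here are illustrative.
ACCESS = {
    "internet": ["dmz-web"],
    "dmz-web": ["app-server"],
    "app-server": ["db-server"],
    "admin-jump": ["app-server", "db-server"],
    "hr-laptop": ["file-share"],
}

# Asset criticality: 1 = low, 2 = medium, 3 = high (constructed).
CRITICALITY = {"dmz-web": 1, "app-server": 2, "db-server": 3,
               "admin-jump": 2, "hr-laptop": 1, "file-share": 2}

# Initial scanner severity for hosts that carry a vulnerability (constructed).
BASE_SCORE = {"dmz-web": 7.5, "db-server": 9.0, "hr-laptop": 8.0}


def reachable(start, access):
    """Hosts reachable from `start` by following permitted access paths (BFS)."""
    seen, queue = set(), deque([start])
    while queue:
        node = queue.popleft()
        for nxt in access.get(node, []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def prioritize(base, access, criticality, untrusted="internet"):
    """Adjust each base score by the three factors in the text: exposure from
    the untrusted zone, high-value downstream reach, and the host's own
    criticality. The weights are an illustrative heuristic, not a product's."""
    exposed = reachable(untrusted, access)
    out = {}
    for host, score in base.items():
        downstream = reachable(host, access)
        high_value_downstream = sum(1 for h in downstream if criticality.get(h, 1) == 3)
        # Not reachable from untrusted networks: layered defenses halve the score.
        adjusted = score * (1.0 if host in exposed else 0.5)
        adjusted += 0.5 * (criticality.get(host, 1) - 1)  # host's own value
        adjusted += 1.0 * high_value_downstream            # lateral blast radius
        out[host] = {"exposed": host in exposed,
                     "high_value_downstream": high_value_downstream,
                     "adjusted": round(min(adjusted, 10.0), 1)}
    return out


def ranked(base, access, criticality):
    """Hosts ordered from highest to lowest adjusted priority."""
    scores = prioritize(base, access, criticality)
    return sorted(scores, key=lambda h: scores[h]["adjusted"], reverse=True)
```

With this sample, the internal laptop drops below the internet-facing web host even though its scanner score is higher, while the database keeps the top spot because it is both reachable from outside and high value.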
RedSeal prioritizes vulnerable hosts based on access to untrusted networks and the potential to infect other assets: