An Interview with Rapid 7: Vulnerability Management in 2021

We are pleased to announce the partnership of Zuri Technologies and Rapid 7, working together to help businesses navigate the evolving vulnerability landscape. This month we interviewed Rapid 7 to understand last year's vulnerability hotspots and to look ahead to the threats posed in 2021.

What were the key vulnerability trends detected in 2020 and how does the landscape look for 2021?

Defenders had to contend with a steady stream of high-severity vulnerabilities in 2020, including many that occurred in internet-facing security technologies like firewalls, VPNs, and secure performance services. Highly exploitable vulnerabilities in security gateway products underscored the need for organizations to ensure they understand their attack surface area and have up-to-date asset inventories of (in particular but not only!) devices on their perimeter.

We also saw quite a few patch bypasses in 2020, including for vulnerabilities that had been previously exploited in the wild by attackers. Patch bypasses or incomplete patches present a real challenge to defenders, as addressing them often requires disrupting regular patch cycles or putting emergency mitigations in place. We expect both these trends to continue in 2021.

With the moves to cloud and remote working here to stay, what would be the significant developments that Rapid 7 will make to refine and expand their support in 2021?

2021 is going to be similar to 2020 with the key support focus remaining on remote and hybrid working. As we’ve watched this shift to the cloud, we’ve also been listening to the needs of our customers who are challenged with managing the security of their cloud environments. Many are asking for additional support and more comprehensive visibility into their cloud and container environments. We see the three main focuses being:

  • Securing the remote workforce: existing tech in InsightVM's detection and response framework allows businesses to have greater visibility of their endpoints. This is particularly needed as users no longer fall under their corporate infrastructure in the same way.
  • Greater visibility of the user's activity: the main client queries were around understanding their user behaviour better. This is key for remote working, as users' day-to-day activities may have changed, requiring systems to be in place which identify usual behaviour.
  • Improved remediation management: ensuring patch works are completed on time, and by the appropriately skilled engineer, is key to ensuring your company's risk score remains low. InsightVM's risk rating enables businesses to streamline workflows and ensure efficient and best in practice remediations are completed.

How do Rapid 7 manage and prioritise the constantly changing cyber threat environment?

The world of vulnerability management has changed from point and shoot tools such as vulnerability scanning and vulnerability management to risk-based management. Rapid7 InsightVM's Real Risk Score provides a more actionable, 1-1000 scale based on the likeliness of an attacker exploiting the vulnerability in a real attack, so businesses can prioritize their efforts. To further adapt to this change, Rapid 7's researchers are constantly analysing and understanding new threats posed to SME businesses. They utilise their open tool Metasploit, an open penetration test framework, which has over 200,000 contributors per year (good actors and bad actors), on average detecting 3000 exploits per year. This information is leveraged against multiple factors, which include age and whether there is a known exploit kit, to help Rapid 7 prioritize vulnerabilities.

What would you say are the key advantages of working with companies like Zuri Technologies?

From a vertical perspective, Zuri and Rapid 7 align well due to their customer base, with many clients based in the finance sector. In addition, with Rapid 7 coming from an SME/SMB background, their knowledge base runs parallel to Zuri's in-depth knowledge of that area. But the main advantage of working with Zuri is “Size and focus and they are geared up to provide a comprehensive service and wrap it up with a great customer support.”
