Every modern organization understands the importance of cybersecurity, but the ever-evolving, increasingly complex threat landscape makes it hard to keep up with where to focus your efforts. A tool that effectively defended your assets last year can quickly become obsolete without new data on attacker behaviors and strategies.
Rapid7’s vulnerability scanner, InsightVM is backed by multiple large-scale research projects that keep it on the leading edge of vulnerability risk management. The following ongoing projects bolster the security capabilities of InsightVM—and, if you’ll let us toot our own horn—the greater cybersecurity community.
Metasploit is the most widely used penetration testing tool in the world. That puts Rapid7, the maintainer of Metasploit for over a decade, in a unique position to leverage its wealth of data. Metasploit Framework is open source and has over 200,000 global users and contributors.
The knowledge gained from this collaboration is key to the way InsightVM prioritizes risk in users’ environments. The Real Risk score in InsightVM takes into consideration the latest information from Metasploit Framework, which includes attacker tactics and the availability of exploit kits. In addition to the data from the Metasploit Framework, the Real Risk score also factors in CVSS, vulnerability age, the skill level required to exploit the vulnerability, and criticality tags that you can add based on your unique business priorities.
The Metasploit Framework community also helps us quickly discover and pounce on new vulnerabilities, vastly expanding our coverage of zero-days.
