This blog post was co-authored by Andrew Silberman and Justin Buchanan.
It’s well known in the world of cybersecurity that you can’t secure what you don’t know exists. With today’s evolving threat landscape, it’s never been more of a challenge or a necessity to be able to discover and manage all of the accounts and credentials used by administrators and applications to access critical applications, systems, and data.
While no solitary solution can address every security threat, CyberArk and Rapid7 have been working together to make life much easier and more secure for organizations working to reduce risk in a dynamically changing world. There are a number of out-of-the-box integrations between CyberArk and Rapid7 that can help organizations both reduce risk and ease the burden on operations teams.
Identify unknown assets
Using Rapid7’s Project Sonar, organizations can identify previously unknown assets associated with their domain names and public IP address ranges that are exposed to the public internet. Sonar scans interact with exposed endpoint services, collecting additional metadata such as SSL certificates, HTML links in HTTP responses, service banners, and more.
Any DNS records found in the endpoint metadata are then resolved (along with records from domain registrars) to help ensure complete discovery. These newly discovered assets can be audited against CyberArk in order to prioritize endpoints that require privileged access and get those accounts and credentials onboarded to minimize risk.
Run secure vulnerability assessments
With CyberArk and Rapid7 InsightVM, Rapid7’s vulnerability assessment solution, organizations can reliably and t ..
Support the originator by clicking the read the rest link below.
