Jump to content

Vulnerability Management Platform Integrations?

clampj
 Share

Recommended Posts

clampj Collaborator

clampj

Posted
Posted

Hi

As the title suggests, are there any vulnerability management platform integrations available?

We are currently looking at Insights by Rapid 7.  I'd like the ability to raise a ticket in Service Manager that will kick of a vulnerability scan in Insights.  Once the scan is complete, the suggested remediation's from Insights are then raised as tickets in Service Manager and attached to the master ticket that was raised to kick off the scans.  When the remediation ticket is closed in service manager it would then close the remediation in Insights.

Any thoughts from the Hornbill bods or wider community?

Thanks

J

Link to comment
Share on other sites
Steve G Mentor

Steve G

Posted
Posted

Hi @clampj,

There are no integrations for this type of service - yet... I've had a cursory scan through the API docs for Rapid7 Insights though, and they seem straightforward enough to talk to - RESTful APIs with HTTP Basic Authentication. It looks like they provide APIs to kick off a scan, and to read the results back upon completion, but I can't see one to close a remediation - athough there's an API to perform admin console commands so maybe it's possible to close remediations using that...

With regards to reading mutliple remediations back on scan completion, and raising a request in Hornbill for each one, we can't currently automate that in the BPM as we have no concept of looping through arrays within workflows, so this may be a job for  ITOM and PowerShell, once ITOM is available :) 

Either way, I'll add Insights to the list for investigation and will let you know once we've had chance to look at it.

Cheers,

Steve

Link to comment
Share on other sites
clampj Collaborator

clampj

Posted
  • Author
Posted

Thanks for checking it out.

I hadn't heard of ITOM until I saw a mention of it earlier today so I've just checked that out and sounds interesting and we would definitely be able to make use of it.  I'll sit tight to see what happens with it.

 

Thanks

J

Link to comment
Share on other sites
  • 6 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...