InsightVM Provides Visibility 和 Control to Keep Staff 和 学生s Safe at 曼彻斯特城市大学

挑战

Like their counterparts in the United 状态s 和 elsewhere in the West, UK universities continue to be a major target for online attackers. Freedom of Information (FoI)-based research released in 2017 revealed that nearly three-quarters (70%) had fallen victim to phishing attacks over the previous 24 months. A separate report later that year claimed data breaches at UK universities had doubled, with sensitive IP 和 ground-breaking research particularly prized by state-backed snoopers. Ransomware 和 DDoS outages have also hit many institutions over recent months, 和 there’s an ever-present risk associated with negligent users. 简而言之, 菲茨西蒙斯和他的团队有很多工作要做, 和 they needed a way to extend their reach given the resources at h和.

解决方案

InsightVM is Rapid7’s flagship vulnerability management solution designed with modern, dynamic networks in mind to provide powerful analytics, 修复, 自动化能力. 面对不断变化的威胁形势, InsightVM leverages Rapid7’s extensive vulnerability research, 元ploit利用知识, attacker-based分析, 全互联网扫描数据, 更多的是通过实时报告浮出水面. MMU’s migration to the Rapid7 solution went largely without a hitch.

一项重大任务

根据菲茨西蒙斯, part of the challenge of securing a network of MMU’s size lies in its heterogeneity. His team’s job is to manage 和 maintain endpoint security 和 firewalls, 监视异常的网络行为, 防范外部威胁, 和 mitigate risk 如果一个ny vulnerabilities are discovered. 在有Windows的情况下，这是一项重大任务, Linux机器, 苹果电脑, 桌面, 和 mobile devices across physical 和 virtualized infrastructures.

After three years with a previous vulnerability management vendor, Fitzsimmons was aware of the rapid advancement of technology in the space 和 decided to open things up for potential replacements. 他对其他大学的同学进行了演讲, 浏览了网上论坛, 和 found Rapid7’s name consistently cropping up as one to watch. Subsequent tests told the MMU team what it needed to know.

“We were looking for things like, how were vulnerabilities displayed? 产品告诉了我们什么信息? 报告功能怎么样?他解释道。. “The more we looked into Rapid7, the more we were impressed with InsightVM. It definitely gave us more than we had with previous solution, so we chose to invest.”

进入InsightVM

InsightVM is Rapid7’s flagship vulnerability management solution designed with modern, dynamic networks in mind to provide powerful analytics, 修复, 自动化能力. 面对不断变化的威胁形势, InsightVM leverages Rapid7’s extensive vulnerability research, 元ploit利用知识, attacker-based分析, 全互联网扫描数据, 更多的是通过实时报告浮出水面.

Migration to the Rapid7 solution went largely without a hitch.

“Sales 和 support have been really smooth from beginning to end,” says Fitzsimmons. “从我们的观点来看, the rules were easy to transport over to InsightVM so there was no downtime as a result of lost scans. 每个人都对它有积极的评价.”

The MMU network team are particularly impressed with their newfound ability to run discovery 和 other scans depending on the requirements of the subnet.

“作为一所大学, 我们这里有不同类型的机器——windows, Linux, mac和一个庞大的网络, so we needed something which could gather all that information in one place 和 we could use it as a central inventory for the assets, 然后我们可以对每一个进行不同的扫描,他说.

Fitzsimmons is also impressed by the level of granular detail provided about vulnerabilities; for example, 如果一个 Metasploit 插件存在, 或者在ExploitDB上是否有概念验证代码, 表明漏洞的可利用性增加. And he likes the fact that assets can be filtered by different criteria: for example, 根据风险或漏洞的数量. 整体, InsightVM has provided “great visibility” into the MMU network, 允许团队深入操作系统, 软件, 和服务，以了解更多.

节省时间，降低风险

The MMU network team have also seen their lives made easier by the 修复 和 reporting functionality in InsightVM.

“When we do see vulnerabilities, it’s impressive how it gives us a lot of information. The recommended 修复s are really clear 和 helpful,” says Fitzsimmons. “On other solutions we’ve seen this kind of thing but you sometimes need to translate it for other users to underst和. Where patches are required there’s often a direct download link so you don’t have to hunt for it yourself.”

可定制的报告完成了整个过程, allowing his team to tailor their findings according to the department that needs to view it. Those in charge of web servers may get a different report than teams in charge of unified communications, 等等.......

满怀信心地展望未来

As MMU grows in confidence with InsightVM there’s even more scope to expand the team’s use of the tool in future. 这包括补救项目特性, which integrates with IT ticketing to help teams track the progress of 修复. 与此同时, Steven Fitzsimmons 和 team are continuing to evaluate Rapid7 InsightIDR as their SIEM solution.