InsightVM
A vulnerability management tool that helps organizations manage vulnerabilities across diverse IT environments.
| Category | Vulnerability Management |
|---|---|
| This page updated | a month ago |
| Pricing Details | Contact for pricing details. |
| Target Audience | Security teams and IT professionals managing vulnerabilities in diverse environments. |
InsightVM addresses the complex challenge of managing vulnerabilities across diverse and dynamic IT environments, including cloud, virtual, remote, local, and containerized infrastructure. The tool's architecture revolves around the Security Console, which serves as the central hub for creating sites, running scans, generating reports, and managing vulnerability data. This console leverages Scan Engines to perform the actual scanning, allowing for flexible deployment configurations, including a reverse engine-to-console communication method to comply with restrictive security policies.
Key to InsightVM's effectiveness is its integration with various threat intelligence feeds, such as Project Lorelei and AttackerKB, which enhance CVSS-based risk scores with real-time, predictive threat intelligence through the Active Risk feature. This allows security teams to prioritize vulnerabilities based on their likelihood of being exploited, rather than just their severity. The tool also supports advanced asset organization, enabling dynamic or static grouping of assets based on multiple parameters, and features a tagging system to adjust risk scores and prioritize remediation.
Operationally, InsightVM streamlines remediation processes by integrating directly with IT ticketing systems, automating scan jobs, and providing live, interactive dashboards for real-time visibility. However, this comprehensive approach comes with considerations such as the need for inbound traffic on port 40815 for engine-to-console communication and potential performance impacts from large-scale deployments. Additionally, the use of the Insight Agent for data collection from endpoints, especially remote and sensitive assets, adds to the tool's versatility but requires careful management to avoid overhead.
In terms of technical specifics, InsightVM supports over 40 unique parameters for asset searches, offers customizable report templates, and integrates with more than 40 leading technologies via an open RESTful API. This integration capability is crucial for amplifying the value of other security tools in the tech stack, from SIEMs and firewalls to credential management systems.