Jennifer Liou

Better Credential Management for Better Vulnerability Results

Blog Post created by Jennifer Liou on Jun 6, 2017

Often the first time the security team knows that credentials have expired is when their scans start to return dramatically fewer vulnerabilities.

 

We all know getting credentialed access yields the best results for visibility. Yet, maintaining access can be difficult. Asset owners change credentials. Different assets have different frequencies for credential updates. Security teams are often left out of the loop.

 

Between the original scan run time, the time it takes the security team to pinpoint that credential status is the cause of the problem, correcting the credential data, and re-running the scan—too much time has elapsed that could have been utilized by security groups.

 

What security teams need is a way to bypass these hassles by leveraging credential management solutions that are currently in play. This way, credentials are not stored in the vulnerability management system and are handled ephemerally, as they should be. This results in not only increased efficiency and less frustration for security teams, but also better security by having credentials be stored and managed centrally via CyberArk.

 

We are pleased to announce that as part of the May 24th, 2017 release, Nexpose and InsightVM (Security Console 6.4.39) have been integrated with CyberArk Enterprise Password Vault to enable credentialed scans while minimizing administrative effort.

 

The CyberArk integration, which is in-product, will work with either specific credentials or shared credentials for a given asset and will allow your team, no matter the size, to spend less time looking after your tools and more time on your security program. You can:

  • Query for credentials dynamically based on:
    • Address: The IP address or fully qualified domain name (FQDN) for the asset.
    • Object Name: The name of the object that stores the credentials.
    • Username: The username for the account that will be retrieved
    • Policy ID: The policy ID that is assigned to the credentials that will be retrieved.
    • Custom Attributes: Custom Key/Value pairs in CyberArk
  • Manage credential management preferences at the Site level or globally.

 

Getting Started

Help documentation, CyberArk Support, or contact your CSM or Rapid7 Support.

Outcomes