Vulnerability assessment scans are a critical component for comprehensive threat protection. However, with workforce mobility and Bring Your Own Device (BYOD) options, more and more transient devices are being added to corporate networks, creating an attack surface that is increasingly harder to monitor and protect.
When a transient device is offline during a scheduled scan, most traditional methods of detection will fail to identify it. This oversight allows the device to connect or reconnect to the network unseen, after potentially being exposed to threats. The ForeScout Extended Module for Rapid7 Nexpose allows customers to automatically block devices from joining their network until they reach an acceptable risk level. With this combination of Nexpose and CounterACT®, customers are able to reduce the attack surface on their networks while remediation is happening.
ForeScout CounterACT is designed to enforce endpoint compliance each time a device connects to the network, providing continuous compliance within and between the scan windows. Through Rapid7 Insight Agents or Adaptive Security, Nexpose provides live monitoring, visibility, remediation prioritisation and automatic threat mitigation for new devices or vulnerabilities on the network.
“The recent surge of BYOD strategies within the enterprise represents a fundamental change in the way companies operate,” said Pedro Abreu, Chief Strategy Officer at ForeScout. “Identifying devices on a network – the moment they connect to it – is critical to creating an accurate picture of the threat landscape. ForeScout’s integration with Rapid7 Nexpose enables IT security professionals to obtain more complete information about the endpoints on their network and provides them with the tools to secure them.”
The new ForeScout Extended Module for Rapid7 Nexpose provides the following key benefits to customers:
? Immediate Information Sharing: CounterACT notifies Nexpose when devices join the network or change configuration so Nexpose can immediately scan for vulnerabilities.
? Policy Enforcement: Enforces policies across the network – even for transient devices that were initially missed by scheduled vulnerability assessment scans – by delivering a detailed report on endpoint protection status.
? Automation: Communicates with Nexpose to provide workflow automation such as on-connect assessment and automated identification of security threats. The ForeScout Extended Module for Rapid7 Nexpose is designed to automatically recommend and help prioritise policy-based remediation actions when devices join the network.
“Vulnerability management is a crucial piece of any holistic security program,” said Lee Weiner, Chief Product Officer at Rapid7. “This collaboration with ForeScout helps us further deliver excellent security solutions to our customers with visibility into devices as they connect to the network, minimising risk and helping them make informed decisions.”
"Today’s networks are complex and dynamic, with changes in infrastructure and security posture happening every moment,” said Billy Lewis, Director of Information Technology at State Garden, Inc. “As endpoints come and go and the threat landscape changes, IT departments face the challenge of keeping pace. We believe integration between CounterACT and Nexpose allows for complete automation of events in real time by leveraging the power and insight collected by both tools."
