Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Gregory_Link
Contributor

Guidance Rapid 7 Insight VM Authenticated Scans and CIS Compliance Reports

All,

I'm looking for guidance on how best to approach and implement authenticated scans from Rapid 7 Insight VM to Checkpoint Devices running GAIA.  Rapid 7 has some generic best practice information on running authenticated scans but no details specific to Check Point or GAIA.  I figure even though GAIA is a Unix Variant it's different enough that I'd suspect approach may be a bit different.  I also don't want to cause any kind of operational impact by running these scans.  I'd assume SSH would be best method but not sure about what would be required from a privilege escalation/permissions standpoint to get all the vulnerability data as well as CIS Compliance Report Data.  Rapid7 support has not been the most helpful and is directing me to best practice resources I have already reviewed.  If anyone has input on this it would be much appreciated.  Below are some articles I have reviewed from Rapid 7.

https://docs.rapid7.com/insightvm/authentication-on-unix-and-related-targets-best-practices

https://www.rapid7.com/blog/post/2022/03/15/insightvm-scanning-demystifying-ssh-credential-elevation...

https://docs.rapid7.com/insightvm/scan-templates/#cis

 

 

0 Kudos
6 Replies
This widget could not be displayed.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events