We are pleased to announce the partnership of Zuri Technologies and Rapid 7, working together to help businesses navigate through the evolving vulnerability landscape. This month we came together to interview Rapid 7 to understand vulnerability hotspots last year and look to threats posed in 2021.
What were the key vulnerability trends detected in 2020 and how does the landscape look for 2021?
Defenders had to contend with a steady stream of high-severity vulnerabilities in 2020, including many that occurred in internet-facing security technologies like firewalls, VPNs, and secure performance services. Highly exploitable vulnerabilities in security gateway products underscored the need for organizations to ensure they understand their attack surface area and have up-to-date asset inventories of (in particular but not only!) devices on their perimeter.
We also saw quite a few patch bypasses in 2020, including for vulnerabilities that had been previously exploited in the wild by attackers. Patch bypasses or incomplete patches present a real challenge to defenders, as addressing them often requires disrupting regular patch cycles or putting emergency mitigations in place. We expect both these trends to continue in 2021.
With the moves to cloud and remote working here to stay, what would be the significant developments that Rapid 7 will make to refine and expand their support in 2021?
2021 is going to be similar to 2020 with the key support focus remaining on remote and hybrid working. As we’ve watched this shift to the cloud, we’ve also been listening to the needs of our customers who are challenged with managing the security of their cloud environments. Many are asking for additional support and more comprehensive visibility into their cloud and container environments. We see the three main focuses being:
- Securing the remote workforce: existing tech in InsightVM’s detection and response framework allows businesses to have greater visibility of their endpoints. This is particularly needed as users no longer fall under their corporate infrastructure in the same way.
- Greater visibility of the user’s activity: the main clients’ queries were around understanding their user behaviour better. This is key for remote working as users’ day-to-day activities may have changed, requiring systems to be in place which identify usual behaviour.
- Improved remediation management: ensuring patchworks are completed on time and by the appropriately skilled engineer is key to ensuring your company’s risk score remains low. InsightVM’s risk rating enables businesses to streamline workflows and ensure efficient and best-in-practice remediations are completed.
How does Rapid 7 manage and prioritise the constantly changing cyber threat environment?
The world of vulnerability management has changed from point-and-shoot tools such as vulnerability scanning and vulnerability management to risk-based management. Rapid7 InsightVM’s Real Risk Score provides a more actionable, 1-1000 scale based on the likelihood of an attacker exploiting the vulnerability in a real attack, so businesses can prioritize their efforts. To further adapt to this change, Rapid 7’s researchers are constantly analysing and understanding new threats posed to SME businesses. They utilise their open tool Metasploit, an open penetration test framework which has over 200,000 contributors per year (good actors and bad actors), on average detecting 3000 exploits per year. This information is leveraged against multiple factors, which include age and whether there is a known exploit kit, and is used to help Rapid 7 prioritize vulnerabilities.
What would you say are the key advantages of working with companies like Zuri Technologies?
From a vertical perspective, Zuri and Rapid 7 align well due to their customer base, with many clients based in the finance sector. In addition, with Rapid 7 coming from an SME/SMB background, their knowledge base runs parallel to Zuri’s in-depth knowledge of that area. But the main advantage of working with Zuri is “Size and focus and they are geared up to provide a comprehensive service and wrap it up with great customer support”.