Download PDF
Rapid7 > Case Studies > Leveraging Dynamic Asset Groups in Rapid7 Nexpose
Rapid7 Logo

Leveraging Dynamic Asset Groups in Rapid7 Nexpose

Technology Category
  • Cybersecurity & Privacy - Security Compliance
  • Cybersecurity & Privacy - Network Security
Applicable Industries
  • Utilities
Applicable Functions
  • Business Operation
  • Maintenance
Use Cases
  • Predictive Maintenance
  • Intrusion Detection Systems
  • Remote Asset Management
Services
  • System Integration
  • Training
The Challenge
Identifying how many servers and systems were affected by Heartbleed and other OpenSSL vulnerabilities without having to scan every server manually. PNM Resources needed a way to quickly and accurately identify vulnerabilities across their extensive network of servers and systems. The manual process of scanning each server individually was time-consuming and inefficient, especially during critical incidents like Heartbleed. The challenge was to find a solution that could provide rapid, accurate, and comprehensive visibility into the security status of their assets, enabling timely remediation and risk reduction.
About The Customer
PNM Resources is an energy company that relies heavily on robust cybersecurity measures to protect its infrastructure. The company employs security analysts like Bruce, who use advanced tools to manage and mitigate vulnerabilities across their network. Bruce has extensive experience in vulnerability management, having previously worked for a government contractor where he first reviewed Rapid7 Nexpose. At PNM Resources, Bruce is responsible for conducting regular scans of all servers and addressing any identified issues. The company places a high priority on maintaining up-to-date security patches and software updates to minimize risks and ensure the integrity of their systems. PNM Resources' commitment to cybersecurity is evident in their proactive approach to identifying and mitigating vulnerabilities, as well as their reliance on advanced tools like Rapid7 Nexpose to achieve these goals.
The Solution
PNM Resources implemented Rapid7 Nexpose Enterprise, leveraging its Dynamic Asset Groups feature to streamline the process of identifying vulnerabilities. This solution allowed Bruce to quickly find relevant information for OpenSSL vulnerabilities, such as Heartbleed, in minutes instead of days. By using Dynamic Asset Groups paired with authenticated scans, Bruce could gain clear visibility into the security status of their assets and create a roadmap for remediation. The solution provided a significant time-saving advantage, enabling Bruce to use CVE IDs to quickly locate vulnerable assets without manually scanning each server. This approach not only improved efficiency but also enhanced the accuracy of vulnerability identification. Additionally, Nexpose's ability to conduct authenticated scans provided detailed data on the network, revealing hidden risks and enabling targeted remediation efforts. The solution also supported PNM Resources' patch management practices by identifying missing third-party patches and providing actionable insights to lower the organization's overall risk score.
Operational Impact
  • Dynamic Asset Groups in Rapid7 Nexpose allowed PNM Resources to quickly identify vulnerabilities based on user-defined criteria, significantly reducing the time required for vulnerability management.
  • Authenticated scans provided detailed visibility into the network, uncovering hidden risks and enabling targeted remediation efforts.
  • The solution supported proactive risk management by providing clear visibility into the security status of assets and creating a roadmap for remediation.
Quantitative Benefit
  • Reduced time to identify vulnerabilities from days to minutes.
  • Saved at least four days of manual scanning for 300 Linux servers during the Heartbleed incident.

Related Case Studies.

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.