Strong Password Management with Rapid7 Nexpose and Lieberman ERPM

INTEGRATION BENEFITS
• Strong password security in a centralized location
• Comprehensive audit trails for compliance initiatives
• Better security visibility: admin credentials allow Nexpose to dig deeper into a system for security assessment
• Reduced management effort by centralizing accounts in one location
Solution Overview
Strong password management is a challenge facing many organizations today. Ensuring that privileged account passwords are of sufficient complexity and length, are changed periodically, and are auditable can be overwhelming to manage. When performing vulnerability scans, it is considered best practice to audit your systems with a privileged account in order to get deeper insight into the client-side vulnerabilities present on the host. Nexpose uses Lieberman's ERPM software to provide privileged account passwords on a per-scan basis, so an administrator no longer has to update privileged account passwords in numerous locations. This ensures that all scans run without account password issues.
How It Works
Privileged accounts associated with a specific asset or group of assets are created in Lieberman ERPM. Sites (logical groupings of assets) are created in Nexpose to perform a vulnerability scan. Prior to running a scan, the Lieberman integration process runs and queries Nexpose for the assets within a site. It then queries ERPM for the credential for each individual asset. Once this completes, the privileged credentials are updated within Nexpose. Lastly, a scan can be kicked off automatically after the integration process runs, or at the next scheduled vulnerability scan.
[Figure: integration diagram with the labels "Key request", "Key sent" and "Authenticated scan"]
Overview of Integration Process
Step 1: Create privileged account stores in Lieberman ERPM
Step 2: Create site(s) in Nexpose with assets
Step 3: Configure Lieberman script with proper parameters
Step 4: Run the Lieberman script to pull the most up to date credentials
Step 5: Run a Nexpose scan of your site(s)
WHAT YOU NEED:
• Rapid7 Nexpose
• Lieberman ERPM 4.8+
Figure 1: Console View of Lieberman ERPM
About Lieberman
Lieberman Software pioneered the privileged identity management space by releasing the first product to this market in 2001. Since then, the company has regularly updated and expanded its privileged account management solution set while growing its customer base in this vibrant and emerging market. The company also develops a line of long-standing and award-winning Windows security management tools. Lieberman Software now has more than 1,200 global customers, including more than 40 percent of the Fortune 50.

About Rapid7
Rapid7 is a leading provider of security data and analytics solutions that enable organizations to implement an active, analytics-driven approach to cyber security. We combine our extensive experience in security data and analytics and deep insight into attacker behaviors and techniques to make sense of the wealth of data available to organizations about their IT environments and users. Our solutions empower organizations to prevent attacks by providing visibility into vulnerabilities and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks. Rapid7 is trusted by more than 4,150 organizations across 90 countries, including 34% of the Fortune 1000. To learn more about Rapid7 or get involved in our threat research, visit www.rapid7.com.