CIS policy scanning on insightAgents

How can we scan for CIS benchmarking when we use insightAgents only and we do not have shared scan credentials?

3 Likes

hmmm AFAIK, CIS based assessment thru the InsightAgent is not currently possible. Though from what I gather before this is in the works already just that no concrete ETA were given.

PS: I also raised that query last year :slight_smile:

5 Likes

Yeah performing policy scans are not possible via Agents, the docs make this clear: Scan Engine and Insight Agent Comparison | InsightVM Documentation

2 Likes

Thank you for information :+1:

1 Like

As other says, it is not currently possible. They were planning to add that feature by end of 2021 but I think I have seen they are now targeting early 2022.

I have been wanting this feature as well. Is there a way to inquire on where it is on the development roadmap?

CIS policy assessment using InsightAgents is currently planned for the first half of 2022

That’s the limitation InsightAgents have. We can’t perform policy scans using InsightAgents. Only local checks can be performed. You may refer below article :

Scan Engine and Insight Agent Comparison | InsightVM Documentation (rapid7.com)

1 Like

Looking forward to policy scans via InsightAgent. We also asked a year ago and we’re told it was coming end of 2021. I guess first half of 2022 isn’t so bad, but this has become more important than ever considering new ways of working with lots more folks at home!

1 Like

I still don’t see it

Is this still outstanding? Is there anywhere to see the roadmap?

Compliance is so critical these days and it’s just not acceptable for a security vendor to say “if you want compliance you need to weaken your security model by opening unnecessary ports to a scanning engine”

This gives a nice backdoor for all the ransomware to walk through across your entire estate.

@tyler_slijboom1 You seem to be the active InsightVM employee, is this something you can push and get us an update please.

3 Likes

Is it possible to hear from r7 on this topic?

I am also looking for an update regarding this feature. Has it been dropped, still in progress or implemented?

I can confirm that this feature is being worked on and prioritized. General availability is planned before the end of the year.

1 Like