Would like to figure out how I can build a query to find end of life operating systems.
Try checking the built-in card for ‘assets running obsolete operating systems’ on the ‘Assets Dashboard’ on the portal. You can get more details by clicking on the card.
select distinct ip_address, host_name, sites, last_assessed_for_vulnerabilities, dos.name || ' - ' || version os_version from fact_asset_vulnerability_finding favf JOIN dim_vulnerability_category dvc using (vulnerability_id) JOIN dim_asset da USING (asset_id) JOIN dim_asset_operating_system daos using (asset_Id) JOIN dim_operating_system dos on dos.operating_system_Id = daos.operating_system_id where dvc.category_name = 'Obsolete OS' order by ip_address
Would it be be possible to construct a query to show impending obsolete software, e.g. OSs becoming obsolete/EOS/EOL in the next 3-6 months?
Hi, maybe you could make a script to get your assets OS and then be checked in the internet or in an own database or file where this dates are avaliable and compare them, then you could get that.
Thank you for your suggestion, mmur_gt4e
Checking internet resources would be tedious if Rapid7 InsightVM can do the job.
If it currently can’t, then Rapid7 can consider this a feature request.
This is a really good feature request, and something we see a lot of value in.
Currently, the behaviour of InsightVM is to asses your current state with known vulnerabilities (including obsolete systems). It is not designed to deal with a potential future state, which would be the case here.
We would, however, like to add this feature in the future, however this would require a fundamental change in our current approach, and is not something that could be actioned anytime soon.
Thank you for considering the suggestion. Would it be a feasible solution to add something like a ‘Query Date’ parameter instead of always assuming a default ‘Now’?
Similarly, such a parameter could be used to check if a vulnerability was known at a particular time, although I cannot see a pressing use case for this.