Is there anyone scanning their Azure environment?

I was wondering if anyone is scanning their Azure environment with InsightVM. If you are, are you using agent-based, on-prem, or an Azure scan engine (as the documentation insinuates)?

We are scanning using agent-based. We will have an Azure scan engine at some point when our footprint increases there.
We do the same in AWS

How are you authenticating to all of these devices globally?

AWS: SSH keys but they are in an auto-scaling group so the management is the main image primarily.
Azure: JIT access

We have a small presence there so it’s fairly easy at this point. We use more serverless services so we have more scalable controls on the cloud platform itself.

With a larger presence, I would think you could have VPN to the instance and add a Domain Controller in the cloud for Windows (or Unix) and control accounts and permissions that way. That would be the suggested model if we were to go that route.

Is anyone doing this in a separate console? What does scanning look like in the GUI: the same, or does it create a cloud site or throw it into the agent site?

@gfrouin Is an Azure scan engine required to scan an asset in Rapid7 InsightVM? Because it looks like I can, but my credentials fail... but I’m scanning with a normal scan engine…

We use the same console - not separate. We have a different site for those cloud assets.

You CAN use a scan engine in Azure but depending on your setup you can either establish a VPN connection to your Azure environment for that purpose OR open up the scan from the public IP of your scan engine (by configuring your Azure security group access list).

Depending on whether you use agents on those servers or not, it may create duplicates in your console.

This is so helpful thank you @gfrouin