Does anyone know some use cases for Ansible and Rapid7’s products specifically for InsightVM, Metasploit and InsightAppsec, preferably, with documentation/references.
Like the below wherein it initiate scans and generate sql based reports
As of the moment there is no specific use cases just wanted to explore what can and cannot be done. Searching online, I can’t seem to find any documentation for metasploit and insightappsec. Even for the InsightVM that’s just limited.
This is just for exploration purposes and hope to get some feedback from here.
I’ve always wanted to do automated vulnerability remediation specifically around drift using Ansible.
We do not use BigFix which I know is a common use for this.
Other things that Ansible gives is each of our devices have unique credentials, so hardcoding something into an IVM or ICON connection doesn’t work, but Ansible could pull these from our credential vault (quick plug for IVM/ICON to be able to pull credentials from a third source. I know cashing is a concern, but I’d love to see a secure solution)
Additionally there is a division of responsibilities, I can have the team that manages Ansible maintain the playbooks and I just call them when I see them needed.
I’d see the connection defining how to connect to Tower, then the Step just have the playbook name to run
I use Ansible to set up and maintain the Rapid7 infrastructure - i.e. Collectors, Engines, Console. Right now, I need to deploy the R7 agent in compatibility mode for Linux servers (auditd) and I’m trying to figure out a way to do that.