We are pleased to introduce Insight Agent support of ARM-based Windows 11 devices for both vulnerability and policy assessment within InsightVM. Customers with Windows 11 devices powered by ARM processors can now take advantage of the great performance and lower power requirements of these chips without sacrificing the agent-based visibility of their remote assets. This release coincides with enhanced vulnerability content for Windows 11 in InsightVM, providing customers with high-quality, accurate coverage. The full list of operating systems supported by the Insight Agent can be found in our documentation.

The latest generation of ARM64 chips promises excellent CPU performance and multi-day battery life on a single charge, making them more attractive than ever for enterprise and consumer devices, including laptops. As hardware and software vendors continue to bolster support for Windows on ARM, Rapid7 customers using or considering adoption of these devices can deploy the Insight Agent to Windows 11 devices immediately. The existing Windows (x64) installer – downloaded as ‘agentInstaller-x86_64.msi’ – can be used for installation, and the Insight Agent will automatically run in emulation mode. No other action is required, but do note that only InsightVM functionality is supported at this time.

You can find more information on how to download and install the Insight Agent in our Help Documentation and on the Agents page within the Insight Platform:

Customers can use the Agent Test Set feature to roll out newer versions of the Insight Agent on a select set of machines before deploying it widely.

By: Dominick Vitolo, VP of Security Services, MegaplanIT

As a Certified Qualified Security Assessor (QSA) company and a trusted Rapid7 partner, MegaplanIT is committed to guiding organizations through the complexities of compliance and security standards.

PCI DSS version 4.0 is a significant update on the horizon and is set to take effect March 31, 2025. One of the key changes around vulnerability scanning within this update is requirement 11.3.1.2. This new requirement mandates authenticated internal vulnerability scans.

Here, we’ll shed light on why organizations should immediately transition to authenticated vulnerability scanning and how Rapid7’s InsightVM can facilitate this essential change.

The Shift in PCI DSS 4.0

New Requirement 11.3.1.2

Under PCI DSS 4.0, requirement 11.3.1.2 introduces the need for authenticated internal vulnerability scans, marking a departure from the widely practiced unauthenticated scans.

Currently, many organizations rely on unauthenticated scanning which, while useful, offers limited visibility into system vulnerabilities. In previous versions the PCI DSS never specifically called out the need for authenticated vulnerability scanning internally, which led the requirement subject to interpretation.

This established procedure from retirement 11.3.1 remains applicable and is complemented by the new requirement mandating authenticated internal vulnerability scans.

• Scans must be conducted at least every three months.
• All high-risk and critical vulnerabilities – as defined by the entity's own risk rankings established in Requirement 6.3.1 – must be remediated.
• Follow-up rescans are required to verify the resolution of these high-risk and critical vulnerabilities.
• The scanning tool used must be regularly updated with the latest vulnerability information.
• The scans must be carried out by qualified individuals, and there must be an organizational separation between the testers and the systems they are testing.

MegaplanIT Perspective: Why Adopt Authenticated Scanning Now Before the Requirement Takes Effect?

1. Deeper security insights: Authenticated scans delve into systems more deeply, uncovering vulnerabilities that unauthenticated scans may miss. This depth is critical for maintaining robust security.
2. Proactive compliance strategy: We always advocate for early adoption of new standards. It allows for a smoother transition and avoids the rush associated with impending compliance deadlines. Authenticated vulnerability scanning typically uncovers a greater number of vulnerabilities than unauthenticated scanning. Consequently, this will necessitate a greater allocation of internal resources for planning and executing remediation strategies.
3. Enhanced risk management: Authenticated scanning enables more effective identification and remediation of vulnerabilities, thus fortifying your defense against potential breaches. Authenticated vulnerability scanning may also lead to a reduced number of false positives.
4. Operational efficiency: Early adoption allows for the refinement of scanning processes, ensuring they become a seamless part of your security routine and may also lead to a reduced amount of false positives.

How Rapid7’s InsightVM Aligns with This Transition

Credential-Based Scanning

InsightVM's capability to perform scans with provided credentials aligns perfectly with the authenticated scanning requirements of PCI DSS 4.0. Scanning with credentials allows you to gather information about your network and assets that you could not otherwise access. You can inspect assets for a wider range of vulnerabilities or security policy violations.

Additionally, authenticated scans can check for software applications and packages as well as verify patches. When you scan a site with credentials, target assets in that site authenticate the Scan Engine as they would an authorized user.

Leveraging the Rapid7 Insight Agent

Rapid7’s universal Insight Agent gathers extensive vulnerability data, supporting the authenticated scanning process effectively.

Advantages of Implementing InsightVM

• Comprehensive detection: InsightVM is equipped with a vast and continuously updated repository of known vulnerabilities and identification of configuration issues.
• Targeted remediation guidance: Detailed insights facilitate prioritized and effective remediation efforts.
• User-friendly interface: IT teams experience a simplified transition, making the process less daunting.

Transitioning to authenticated internal vulnerability scanning in order to meet the control requirements of PCI DSS 4.0 is a crucial step towards strengthening your organization’s security posture. As a certified QSA, MegaplanIT strongly recommends that organizations begin this shift now.

Tools like Rapid7’s InsightVM are pivotal in this journey, offering a comprehensive, scalable, and user-friendly solution. By embracing this change today, your organization will not only be compliant, but also significantly more secure against ever-evolving cyber threats.