You might be asking why in the world would I want to deploy yet another executable if the Insight Agent is already performing the assessment on those assets? Well, let's circle back to the fact that the Insight Agent is only performing the local checks. Unlike the Insight Agent, which monitors and performs assessments on a scheduled basis, the Scan Assistant is dormant unless called upon by a Scan Engine either through a manual or scheduled scan configured from the Security Console. You can download the log for any scan as discussed in the preceding topic. Sysmon Installer and Events Monitor overview, Endpoint Protection Software Requirements, Microsoft System Center Configuration Manager (SCCM), Token-Based Mass Deployment for Windows Assets, InsightIDR - auditd Compatibility Mode for Linux Assets, InsightOps - Configure the Insight Agent to Send Logs, TLS 1.0 and 1.1 support for Insight solutions End-of-Life announcement, Insight Agent Windows XP support End-of-Life announcement, Insight Agent Windows Server 2003 End-of-Life announcement, /config/agent.jobs.tem_realtime.json, In the "Maintenance, Storage and Troubleshooting" section, click. To complement the on-premises scanning infrastructure that you may already have, you can also install the Insight Agent across your network for the purpose of vulnerability assessment. The CyberArk & Rapid7 InsightVM integration can prevent users from accessing compromised systems. Change settings for a manual scan. Rapid7 Insight Agent + InsightVM Scan Assistant in Tandem | Rapid7 Blog After the initial inventory, the payload is much smaller. We're not done yet, either! Finding the best route to the Insight platform occurs automatically or can be configured in advanced use cases. Note that reinstalls of any agent running a version prior to 2.0 will not retain their original UUID. However, in most situations, the Insight Agent is the only way to assess your remote assets. As an InsightVM subscriber, you can access several feature-rich cloud capabilities powered by the Insight platform. Indeed, that solution is the workaround. You can use Remediation Projects to scope and track what vulnerabilities you are currently working on and make use of the Validation Scan (New InsightVM Features: Optimizing the Remediation Process), Or start a manual scan from the site overview page or the site details page and only enter the IP of the asset you want to scan (Running a manual scan | InsightVM Documentation). Brian Lalla - Appalachian State University - LinkedIn So to do this you cant just have the asset with an agent on it. If this asset has an Insight Agent on it and the vulnerability you are trying to verify would normally be checked by the agent you want to make sure youre using a scan template that DOES NOT have the Skip checks performed by the insight agent selected. after fixing the vulnerabilities on the asset. Digital Forensics and Incident Response (DFIR), Cloud Security with Unlimited Vulnerability Management, 24/7 MONITORING & REMEDIATION FROM MDR EXPERTS, SCAN MANAGEMENT & VULNERABILITY VALIDATION, PLAN, BUILD, & PRIORITIZE SECURITY INITIATIVES, SECURE EVERYTHING CONNECTED TO A CONNECTED WORLD, THE LATEST INDUSTRY NEWS AND SECURITY EXPERTISE, PLUGINS, INTEGRATIONS & DEVELOPER COMMUNITY, UPCOMING OPPORTUNITIES TO CONNECT WITH US, Understanding different scan engine statuses and states. The schedule is maintained entirely by the Insight Platform. Get the latest stories, expertise, and news about security today. The interface displays the Scan History page, which lists all scans, plus who started or restarted the scan, the total number of scanned assets, discovered vulnerabilities, and other information pertaining to each scan.