Legacy CyberArk ruby gem End-of-Life announcement
As of March 4, 2019, Rapid7 will start the End of Life (EOL) process for the legacy CyberArk Ruby Gem integration for Nexpose. The CyberArk Ruby Gem will no longer be publicly available for download on the rubygems.org page. As a solution, Rapid7 has already implemented an in-product integration with CyberArk. For instructions on how to configure the in-product integration, see our Creating and Managing CyberArk Credentials documentation.
This EOL announcement only pertains to future deployments or feature requests. Customers that currently have the Ruby Gem integration configured will not see changes in functionality, but Rapid7 encourages migration to the in-product integration.
The new integration features the CyberArk Application Identity Manager, which allows authenticated scanning on a per-scan basis. For more information, see our Enterprise Password Vault and InsightVM partner brief.
Overview of the Integration Process
Here’s a high-level overview of how you can complete the integration:
- Create privileged accounts in CyberArk Secure Digital Vault
- In Nexpose, create one or more sites that have assets
- Connect the Security Console and CyberArk consoles
- Run a site scan to automatically pull in admin credentials
For more information on the integration process, see our Creating and Managing CyberArk Credentials documentation. Two methods are available:
March 4, 2019
Rapid7 announces that the CyberArk Ruby Gem will no longer be available for download on rubygems.org
March 4, 2020
Rapid7 will no longer support the CyberArk Ruby Gem.
What are the benefits of the new integration?
- Secure credentials and simplified management by centrally storing and rotating Rapid7 Nexpose privileged account credentials.
- Enable better security visibility using admin credentials to scan, which allows the Security Console to dig deeper into a system for security assessment.
- Maintain a comprehensive audit trail for compliance initiatives.
How will this impact me if I used the legacy Ruby Gem integration?
Any customers already utilizing this legacy Ruby Gem will not experience an interruption in service. You can contact our services organization for paid support and adjustments, even after the last date of support.
How do I get CyberArk?
CyberArk is a third party product that integrates with Nexpose. New or existing Nexpose customers can purchase an account through CyberArk. After creating a CyberArk account, customers should reference our Creating and Managing CyberArk Credentials documentation to integrate CyberArk and Nexpose.
Who can I contact if I have more questions that are not addressed in this announcement?
Contact your Customer Success Representative or contact Rapid7 Support.