Threat and vulnerability management
To detect security risks, the DI Platform team uses several vulnerability scanners, covering both infrastructure and applications.
Infrastructure scanners
The following tools are used to detect risks and vulnerabilities in the infrastructure of the Itron Azure environment.
Rapid7
Rapid7 is an industry-leading security and compliance tool. Rapid7 gives immediate, global visibility into possible infrastructure vulnerabilities based on the latest Internet threats. It continuously scans the resources of the environment, reports whenever a vulnerability is found, and advises on how to protect the affected assets.
Rapid7 is the standard Itron-wide vulnerability scanning tool for the infrastructure in the Itron Azure environment. The Rapid7 solution consists of two main component types: cloud agents and the management server. Rapid7 is integrated into the Azure Security Center, which detects all virtual machines lacking the cloud agent software and installs it as an extension. All vulnerability alerts are gathered by the centralized security logging mechanism described in the audit and accountability procedures and then assessed by Itron Security. The results are viewable both in the Azure Security Center and in the Rapid7 cloud portal.
The assessment and prioritization of vulnerabilities found by Rapid7 follows the defined risk assessment strategy.
SentinelOne®
SentinelOne is an endpoint protection platform. Currently, it is under investigation as a replacement for Microsoft Defender for Server Plan 2.
Application scanners
The following tools are used to detect vulnerabilities in applications.
Mend.io
Mend.io is a vulnerability scanning tool that analyses the third-party libraries referenced in code. It generates a report containing recommendations and raises alerts if any vulnerabilities are found, based on a large knowledge base of known security issues in specific versions of third-party components.
Mend.io is integrated into the continuous integration process of applications hosted in the Itron Azure environment, as defined by the configuration management procedures. The reports are available in the Mend.io portal.
The assessment and prioritization of vulnerabilities found by Mend.io follows the defined risk assessment strategy.
OpenText™ Fortify™
OpenText Fortify is a static application security testing tool used to analyze the source code of applications for security vulnerabilities. After analysis, it generates a risk-ranked and categorized report based on known security issues, which helps to identify, prioritize, and assess the risks present in the application.
The OpenText Fortify Static Code Analyzer tool is integrated into the continuous integration process of applications hosted in the Itron Azure environment, as defined by the configuration management procedures. The reports are available on the OpenText Fortify server maintained by the infrastructure team in the Itron Azure environment.
The assessment and prioritization of vulnerabilities found by OpenText Fortify follows the defined risk assessment strategy.