Guides
sevco.io

Rapid7 InsightVM

Suggest Edits

Overview

Rapid7 InsightVM provides live vulnerability and endpoint visibility for assets, including local, remote, cloud, containerized, and virtual infrastructure.

Available Integrations

Product(s)Supported Asset Type(s)Integration Type
Rapid7 InsightVM – DevicesDevicesSource
Rapid7 InsightVM – VulnerabilitiesVulnerabilitiesSource

Configuration

  1. Install a runner: Follow our instructions to install a runner. Only required for On-Premise (Nexpose)

  2. Choose a Schema: A schema is a configuration template that defines a specific way to connect, authenticate, and interact with a source. The following are the available schemas

    • Rapid7 InsightVM API Key: This schema uses the Rapid7 InsightVM v4 APIs to fetch devices from the cloud platform.
    • Rapid7 InsightVM On Premise (Nexpose): This schema uses the Rapid7 InsightVM v3 APIs to fetch devices from the on-premise Nexpose server.

  3. Choose a runner: Select the runner you would like to use for retrieving data from the source. Only if applicable

    • Requirements:
      • TCP/IP 443 from Runner to the Nexpose server

  4. Configure plugin: Configure the plugin with the required fields.

Rapid7 InsightVM API Key

FieldDescriptionExample
Skip TLS Certification ValidationSkip certificates validation when using a certificate that is self-signed or unable to be validated through a proper certificate authority.
API KeyAPI Key associated with a user who has permission to fetch assets***********************

Rapid7 InsightVM On Premise (Nexpose)

FieldDescriptionExample
HostnameHostname or IP address of the Nexpose server192.168.1.111
PortPort for the Nexpose server3780
Skip TLS Certification ValidationSkip certificates validation when using a certificate that is self-signed or unable to be validated through a proper certificate authority.
UsernameUsername for a user that has access to read all assets for the Nexpose serversevco_user
PasswordPassword for a user that has access to read all assets for the Nexpose server***********************
  1. Add an Integration: Select the integration(s) you'd like to add.
  1. Configure General Information: OPTIONAL: You can use the following fields to provide additional information about your configuration.
FieldDescriptionExample
Name (optional)Uniquely identifiable attribute of the configuration to delineate other similar configurations with the existing organization.'DMZ network'
Contact Person (optional)A placeholder to input a name or email address of a contact associated with the integration.'Jane Doe'
Link to Console (optional)A placeholder to input a link to the console of the product Sevco is integrating with for quick reference and access when configuring or editing the integration.'www.product.com'
Email me about frequent errorsSelect this toggle to receive an email whenever an Integration has a ≥30% error rate in a 24-hour period.n/a
  1. Activate Config: To enable this configuration select "Activate".

External Documentation

Creating credentials

Rapid7 InsightVM API Key

Click here for instructions on generating a user API Key.

Rapid7 InsightVM On Premise (Nexpose)

To configure a new user for Sevco to use, follow the instructions in Configure general user account attributes

Required Permissions

Rapid7 InsightVM API Key

Click here for instructions on adding and configuring permissions for a new user.

At minimum, the user should be in a User role with the following permissions:

  • View Site Asset Data
  • View Group Asset Data

Rapid7 InsightVM On Premise (Nexpose)

Click here for instructions on adding and configuring permissions for a new user.

At minimum, the user should be in a User role with the following permissions:

  • View Site Asset Data
  • View Group Asset Data

API Documentation

Rapid7 InsightVM v4 API documentation for fetching assets from the cloud platform
Rapid7 InsightVM v3 API documentation for fetching assets from the Nexpose server

Contact Us

If you're having problems configuring an integration, or if you've found something wrong in this document, please email us at [email protected] or suggest edits directly by selecting the Suggest Edits link located in the upper right hand corner of the documentation.

Updated 5 months ago