Rapid7 InsightVM
Overview
Rapid7 InsightVM provides live vulnerability and endpoint visibility for assets, including local, remote, cloud, containerized, and virtual infrastructure.
Available Integrations
Product(s) | Supported Asset Type(s) | Integration Type |
---|---|---|
Rapid7 InsightVM – Devices | Devices | Source |
Rapid7 InsightVM – Vulnerabilities | Vulnerabilities | Source |
Configuration
-
Install a runner: Follow our instructions to install a runner. Only required for On-Premise (Nexpose)
-
Choose a Schema: A schema is a configuration template that defines a specific way to connect, authenticate, and interact with a source. The following are the available schemas
- Rapid7 InsightVM API Key: This schema uses the Rapid7 InsightVM v4 APIs to fetch devices from the cloud platform.
- Rapid7 InsightVM On Premise (Nexpose): This schema uses the Rapid7 InsightVM v3 APIs to fetch devices from the on-premise Nexpose server.
-
Choose a runner: Select the runner you would like to use for retrieving data from the source. Only if applicable
- Requirements:
- TCP/IP 443 from Runner to the Nexpose server
- Requirements:
-
Configure plugin: Configure the plugin with the required fields.
Rapid7 InsightVM API Key
Field | Description | Example |
---|---|---|
Skip TLS Certification Validation | Skip certificates validation when using a certificate that is self-signed or unable to be validated through a proper certificate authority. | |
API Key | API Key associated with a user who has permission to fetch assets | *********************** |
Rapid7 InsightVM On Premise (Nexpose)
Field | Description | Example |
---|---|---|
Hostname | Hostname or IP address of the Nexpose server | 192.168.1.111 |
Port | Port for the Nexpose server | 3780 |
Skip TLS Certification Validation | Skip certificates validation when using a certificate that is self-signed or unable to be validated through a proper certificate authority. | |
Username | Username for a user that has access to read all assets for the Nexpose server | sevco_user |
Password | Password for a user that has access to read all assets for the Nexpose server | *********************** |
- Add an Integration: Select the integration(s) you'd like to add.
- Configure General Information: OPTIONAL: You can use the following fields to provide additional information about your configuration.
Field | Description | Example |
---|---|---|
Name (optional) | Uniquely identifiable attribute of the configuration to delineate other similar configurations with the existing organization. | 'DMZ network' |
Contact Person (optional) | A placeholder to input a name or email address of a contact associated with the integration. | 'Jane Doe' |
Link to Console (optional) | A placeholder to input a link to the console of the product Sevco is integrating with for quick reference and access when configuring or editing the integration. | 'www.product.com' |
Email me about frequent errors | Select this toggle to receive an email whenever an Integration has a ≥30% error rate in a 24-hour period. | n/a |
- Activate Config: To enable this configuration select "Activate".
External Documentation
Creating credentials
Rapid7 InsightVM API Key
Click here for instructions on generating a user API Key.
Rapid7 InsightVM On Premise (Nexpose)
To configure a new user for Sevco to use, follow the instructions in Configure general user account attributes
Required Permissions
Rapid7 InsightVM API Key
Click here for instructions on adding and configuring permissions for a new user.
At minimum, the user should be in a User
role with the following permissions:
View Site Asset Data
View Group Asset Data
Rapid7 InsightVM On Premise (Nexpose)
Click here for instructions on adding and configuring permissions for a new user.
At minimum, the user should be in a User
role with the following permissions:
View Site Asset Data
View Group Asset Data
API Documentation
Rapid7 InsightVM v4 API documentation for fetching assets from the cloud platform
Rapid7 InsightVM v3 API documentation for fetching assets from the Nexpose server
Contact Us
If you're having problems configuring an integration, or if you've found something wrong in this document, please email us at [email protected] or suggest edits directly by selecting the Suggest Edits
link located in the upper right hand corner of the documentation.
Updated 6 months ago