Platform
Explore
PLATFORM
Platform
ELITE TECHNOLOGY
AI-Engine
INTELLIGENT TOOLS
Rapid7 Labs
TRUSTED INTELLIGENCE
SOLUTIONS
Managed Threat Complete
MANAGED XDR
Surface Command
ATTACK SURFACE MANAGEMENT
Exposure Command
EXPOSURE MANAGEMENT
Products
Request Demo
DETECTION & RESPONSE
Next-Gen SIEM
INSIGHTIDR
Threat Intelligence
THREAT COMMAND
EXPOSURE MANAGEMENT
Exposure Management
EXPOSURE COMMAND
Attack Surface Management
SURFACE COMMAND
Vulnerability Management
INSIGHTVM
Cloud-Native Application Protection
INSIGHTCLOUDSEC
Application Security Testing
INSIGHTAPPSEC
Services
Request Demo
DETECTION & RESPONSE
Managed XDR
MANAGED THREAT COMPLETE
Incident Response Services
EXPERIENCING A BREACH?
EXPOSURE MANAGEMENT
Managed Vulnerability Management
OPTIMIZED RISK ASSESSMENT
Managed Application Security
MANAGED DAST
Continuous Red Teaming
VECTOR COMMAND
Penetration Testing Services
TEST YOUR DEFENSES
Resources
READ NOW
STAY CURRENT
About Rapid7 Labs
MEET THE RESEARCH TEAM
Events & Webinars
CATCH US LIVE
Resources Library
DIVE INTO THE DETAILS
The Rapid7 Blog
STAY UP-TO-DATE
Exploit Database
SEARCH THOUSANDS OF CVES
Cybersecurity Fundamentals
LEARN THE BASICS
PRODUCT SUPPORT
Contact Sales
TALK TO AN EXPERT
Customer Support Portal
CONTACT SUPPORT
Product Integrations
CONNECT EVERYTHING
Product Documentation
PRODUCT AND SERVICES GUIDES
Product Release Notes
LATEST FEATURES
Interactive Product Tours
TAKE TOUR
Company
OVERVIEW
About Us
OUR STORY
Leadership
EXECUTIVE TEAM & BOARD
News & Press Releases
THE LATEST FROM OUR NEWSROOM
Careers
JOIN RAPID7
Our Customers
Their Success Stories
Partners
Rapid7 Partner Ecosystem
Investors
Investor Relations
COMMUNITY & CULTURE
Social Good
OUR COMMITMENT & APPROACH
Rapid7 Cybersecurity Foundation
BUILDING THE FUTURE
Diversity, Equity & Inclusion
EMPOWERING PEOPLE
Open Source
STRENGTHENING CYBERSECURITY
Public Policy
ENGAGEMENT & ADVOCACY
Boston Bruins
Our Partnership
Partners
Sign In
Documentation
InsightConnect
AppSpider
Insight Agent
InsightAppSec
InsightCloudSec
InsightConnect
Insight Platform
InsightIDR
Insight Network Sensor
InsightOps
InsightVM
Metasploit
Nexpose
tCell
Managed Services
Threat Command
Platform
Explore
PLATFORM
Platform
ELITE TECHNOLOGY
AI-Engine
INTELLIGENT TOOLS
Rapid7 Labs
TRUSTED INTELLIGENCE
SOLUTIONS
Managed Threat Complete
MANAGED XDR
Surface Command
ATTACK SURFACE MANAGEMENT
Exposure Command
EXPOSURE MANAGEMENT
Products
Request Demo
DETECTION & RESPONSE
Next-Gen SIEM
INSIGHTIDR
Threat Intelligence
THREAT COMMAND
EXPOSURE MANAGEMENT
Exposure Management
EXPOSURE COMMAND
Attack Surface Management
SURFACE COMMAND
Vulnerability Management
INSIGHTVM
Cloud-Native Application Protection
INSIGHTCLOUDSEC
Application Security Testing
INSIGHTAPPSEC
Services
Request Demo
DETECTION & RESPONSE
Managed XDR
MANAGED THREAT COMPLETE
Incident Response Services
EXPERIENCING A BREACH?
EXPOSURE MANAGEMENT
Managed Vulnerability Management
OPTIMIZED RISK ASSESSMENT
Managed Application Security
MANAGED DAST
Continuous Red Teaming
VECTOR COMMAND
Penetration Testing Services
TEST YOUR DEFENSES
Resources
READ NOW
STAY CURRENT
About Rapid7 Labs
MEET THE RESEARCH TEAM
Events & Webinars
CATCH US LIVE
Resources Library
DIVE INTO THE DETAILS
The Rapid7 Blog
STAY UP-TO-DATE
Exploit Database
SEARCH THOUSANDS OF CVES
Cybersecurity Fundamentals
LEARN THE BASICS
PRODUCT SUPPORT
Contact Sales
TALK TO AN EXPERT
Customer Support Portal
CONTACT SUPPORT
Product Integrations
CONNECT EVERYTHING
Product Documentation
PRODUCT AND SERVICES GUIDES
Product Release Notes
LATEST FEATURES
Interactive Product Tours
TAKE TOUR
Company
OVERVIEW
About Us
OUR STORY
Leadership
EXECUTIVE TEAM & BOARD
News & Press Releases
THE LATEST FROM OUR NEWSROOM
Careers
JOIN RAPID7
Our Customers
Their Success Stories
Partners
Rapid7 Partner Ecosystem
Investors
Investor Relations
COMMUNITY & CULTURE
Social Good
OUR COMMITMENT & APPROACH
Rapid7 Cybersecurity Foundation
BUILDING THE FUTURE
Diversity, Equity & Inclusion
EMPOWERING PEOPLE
Open Source
STRENGTHENING CYBERSECURITY
Public Policy
ENGAGEMENT & ADVOCACY
Boston Bruins
Our Partnership
Partners
Sign In
Documentation
InsightConnect
AppSpider
Insight Agent
InsightAppSec
InsightCloudSec
InsightConnect
Insight Platform
InsightIDR
Insight Network Sensor
InsightOps
InsightVM
Metasploit
Nexpose
tCell
Managed Services
Threat Command
Release Notes
Docs Menu
Welcome
What is InsightConnect?
Get Started with InsightConnect
Learn Key Concepts
SOC Automation Success Plan
Days 1 through 15: Get Started with SOC Automation
Days 16 through 45: Link Alerts and Define Use Cases
Days 46 through 90: Customize and Activate Workflows
Supporting Resources
InsightVM + InsightConnect Automation Quick Start Guide
Use Case #1: Vulnerability Intelligence Gathering
Use Case #2: Vulnerability Risk Management Alerts
Use Case #3: Democratize Vulnerability Management
VM Automation Success Plan
Days 1 through 15: Get Started with VM Automation
Days 16 through 45: VM Triggers and Extending VM Use Casess
Days 46 through 90: Customize and Activate Workflows
Supporting Resources
Learn to Build Workflows
Introductory videos
Setup and Deploy an Orchestrator
What is the Insight Orchestrator?
Install and Activate the Insight Orchestrator
System and Network Requirements
Deploying in AWS or Azure with RHEL8
Install Private CA Certificates
Configure an Orchestrator
Configure Proxies
Configure Static IP Address
Install the CentOS Orchestrator
Migrate to an Ubuntu Orchestrator
Troubleshoot an Orchestrator
Command Line Help
Uninstall an Orchestrator
Concepts and Usage
Learn InsightConnect's foundational concepts
Course 1: Introduction to workflows
Course 2: Understand data in InsightConnect with workflow data basics
Course 3: Access data in InsightConnect with Handlebars
Course 4: Introduction to Format Query Language
Course 5: Introduction to loop data and loop outputs
Course 6: Introduction to Snippets
Home Page Widgets
Workflows
InsightConnect Control Panel
InsightConnect Builder
Snippets
Triggers
Input and Output Variables
Nested Variables
Quick Actions
Workflow Steps
Jobs
Most Popular Plugins
InsightConnect REST API
Plugins and Connections
Plugins
Use Plugins
Update Plugins
Cloud Plugins
Free and Open Source Service Plugins
Plugin Use Cases
HTTP Requests
Mass Delete with PowerShell
Python 2 or 3 Script
Connections
Create a Connection
Test a Connection
Troubleshoot a Connection
Connection Setup Guides
Active Directory LDAP
AWS Security Hub
Cisco ASA
CheckPoint NGFW
Fortinet FortiGate
Gmail
Insight Agent
InsightIDR
InsightVM
Jira
Microsoft Azure AD
Microsoft Exchange
Microsoft InTune
Microsoft Office365
Microsoft Office 365 Email Security
Microsoft SCCM
Microsoft Teams
Microsoft Windows Defender ATP
Mimecast
Palo Alto Firewall
ServiceNow
Slack
VirusTotal
Workday
How To
Build a Workflow
Manage Workflows
Import and Export Workflows
Set Up Triggers
Set Up an API Trigger
Set Up an InsightIDR Alert Trigger
Set Up an InsightIDR Attacker Behavior Analytics (ABA) Alert Trigger
Set Up an InsightVM Events Trigger
Set Up a Plugin Trigger
Trigger Workflows with Slack ChatOps
Manage Global Artifacts
Configure Workflow Parameters
Use Workflow Steps
Use an Action Step
Use an Artifact Step
Use a ChatOps Step
Use a Decision Step
Use a Filter Step
Use a Helper Step
Use a Join Paths Step
Use a Loop Step
Use a Pattern Match Step
Use a Rapid7 Insight Solutions Step
Work with Variables
Format Query Language
Format JSON Input
Format Strings with Templates
Test a Workflow
Set Up the InsightConnect App for Splunk
Send InsightConnect Events to InsightIDR
InsightConnect Workflow Best Practices
Plugin Development
Getting Started
Create Custom Plugins
Plugin Development Videos
Plugin Tooling
Plugin Components
Plugin Spec
Running Plugins
SDK Guide
Regenerating Plugins
Style Guide
Error Handling in Integrations
Troubleshooting
Logo
Unit Test Generation
Unit Test Primer
API Files
Troubleshoot
Are you stuck?
Troubleshoot a Workflow
Troubleshoot a Failed Job
Troubleshoot a Plugin
Release Notes
InsightConnect release notes
Support
Contact the Rapid7 Support team
Share an idea with Rapid7
Community
Rapid7 Discussion Community
On This Page
On This Page
Vulnerability Risk Management Alerts Use Case Guide Coming Soon!
Welcome
What is InsightConnect?
Get Started with InsightConnect
Learn Key Concepts
SOC Automation Success Plan
Days 1 through 15: Get Started with SOC Automation
Days 16 through 45: Link Alerts and Define Use Cases
Days 46 through 90: Customize and Activate Workflows
Supporting Resources
InsightVM + InsightConnect Automation Quick Start Guide
Use Case #1: Vulnerability Intelligence Gathering
Use Case #2: Vulnerability Risk Management Alerts
Use Case #3: Democratize Vulnerability Management
VM Automation Success Plan
Days 1 through 15: Get Started with VM Automation
Days 16 through 45: VM Triggers and Extending VM Use Casess
Days 46 through 90: Customize and Activate Workflows
Supporting Resources
Learn to Build Workflows
Introductory videos
Setup and Deploy an Orchestrator
What is the Insight Orchestrator?
Install and Activate the Insight Orchestrator
System and Network Requirements
Deploying in AWS or Azure with RHEL8
Install Private CA Certificates
Configure an Orchestrator
Configure Proxies
Configure Static IP Address
Install the CentOS Orchestrator
Migrate to an Ubuntu Orchestrator
Troubleshoot an Orchestrator
Command Line Help
Uninstall an Orchestrator
Concepts and Usage
Learn InsightConnect's foundational concepts
Course 1: Introduction to workflows
Course 2: Understand data in InsightConnect with workflow data basics
Course 3: Access data in InsightConnect with Handlebars
Course 4: Introduction to Format Query Language
Course 5: Introduction to loop data and loop outputs
Course 6: Introduction to Snippets
Home Page Widgets
Workflows
InsightConnect Control Panel
InsightConnect Builder
Snippets
Triggers
Input and Output Variables
Nested Variables
Quick Actions
Workflow Steps
Jobs
Most Popular Plugins
InsightConnect REST API
Plugins and Connections
Plugins
Use Plugins
Update Plugins
Cloud Plugins
Free and Open Source Service Plugins
Plugin Use Cases
HTTP Requests
Mass Delete with PowerShell
Python 2 or 3 Script
Connections
Create a Connection
Test a Connection
Troubleshoot a Connection
Connection Setup Guides
Active Directory LDAP
AWS Security Hub
Cisco ASA
CheckPoint NGFW
Fortinet FortiGate
Gmail
Insight Agent
InsightIDR
InsightVM
Jira
Microsoft Azure AD
Microsoft Exchange
Microsoft InTune
Microsoft Office365
Microsoft Office 365 Email Security
Microsoft SCCM
Microsoft Teams
Microsoft Windows Defender ATP
Mimecast
Palo Alto Firewall
ServiceNow
Slack
VirusTotal
Workday
How To
Build a Workflow
Manage Workflows
Import and Export Workflows
Set Up Triggers
Set Up an API Trigger
Set Up an InsightIDR Alert Trigger
Set Up an InsightIDR Attacker Behavior Analytics (ABA) Alert Trigger
Set Up an InsightVM Events Trigger
Set Up a Plugin Trigger
Trigger Workflows with Slack ChatOps
Manage Global Artifacts
Configure Workflow Parameters
Use Workflow Steps
Use an Action Step
Use an Artifact Step
Use a ChatOps Step
Use a Decision Step
Use a Filter Step
Use a Helper Step
Use a Join Paths Step
Use a Loop Step
Use a Pattern Match Step
Use a Rapid7 Insight Solutions Step
Work with Variables
Format Query Language
Format JSON Input
Format Strings with Templates
Test a Workflow
Set Up the InsightConnect App for Splunk
Send InsightConnect Events to InsightIDR
InsightConnect Workflow Best Practices
Plugin Development
Getting Started
Create Custom Plugins
Plugin Development Videos
Plugin Tooling
Plugin Components
Plugin Spec
Running Plugins
SDK Guide
Regenerating Plugins
Style Guide
Error Handling in Integrations
Troubleshooting
Logo
Unit Test Generation
Unit Test Primer
API Files
Troubleshoot
Are you stuck?
Troubleshoot a Workflow
Troubleshoot a Failed Job
Troubleshoot a Plugin
Release Notes
InsightConnect release notes
Support
Contact the Rapid7 Support team
Share an idea with Rapid7
Community
Rapid7 Discussion Community
Vulnerability Risk Management Alerts Use Case Guide Coming Soon!
Did this page help you?
Yes
No
Welcome
Use Case #1: Vulnerability Intelligence Gathering
Welcome
Use Case #3: Democratize Vulnerability Management