Products
Explore Offer
Insight Platform Solutions
Next-Gen SIEM
INSIGHTIDR
Cloud Security
INSIGHTCLOUDSEC
Vulnerability Management
INSIGHTVM
Threat Intelligence
THREAT COMMAND
Dynamic Application Security Testing
INSIGHTAPPSEC
Orchestration & Automation (SOAR)
INSIGHTCONNECT
More Solutions
Penetration Testing
METASPLOIT
On-Prem Vulnerability Management
NEXPOSE
Digital Forensics and Incident Response (DFIR)
Velociraptor
Services
Explore offer
MANAGED SERVICES
Managed Detection and Response
24/7 MONITORING & REMEDIATION FROM MDR EXPERTS
Managed Vulnerability Management
PERFECTLY OPTIMIZED RISK ASSESSMENT
Managed Application Security
SCAN MANAGEMENT & VULNERABILITY VALIDATION
OTHER SERVICES
Product Consulting
QUICK-START & CONFIGURATION
Training & Certification
SKILLS & ADVANCEMENT
Penetration Services
TEST YOUR DEFENSES IN REAL-TIME
IoT Security Testing
SECURE EVERYTHING CONNECTED TO A CONNECTED WORLD
Premium Support
PRIORITY HELP & FASTER SOLUTIONS
Support & Resources
SUPPORT
Support Portal
CONTACT CUSTOMER SUPPORT
Product Documentation
EXPLORE PRODUCT GUIDES
Release Notes
DISCOVER THE LATEST PRODUCT UPDATES
Contact Us
TALK TO SALES
RESOURCES
Fundamentals
FOUNDATIONAL SECURITY KNOWLEDGE
Blog
THE LATEST INDUSTRY NEWS AND SECURITY EXPERTISE
Resources Library
E-BOOKS, WHITE PAPERS, VIDEOS & BRIEFS
Extensions Library
PLUGINS, INTEGRATIONS & DEVELOPER COMMUNITY
Webcasts & Events
UPCOMING OPPORTUNITIES TO CONNECT WITH US
Vulnerability & Exploit Database
SEARCH THE LATEST SECURITY RESEARCH
Company
OVERVIEW
About Us
OUR STORY
Leadership
EXECUTIVE TEAM & BOARD
News & Press Releases
THE LATEST FROM OUR NEWSROOM
Careers
JOIN RAPID7
Our Customers
Their Success Stories
Partners
Rapid7 Partner Ecosystem
Investors
Investor Relations
COMMUNITY & CULTURE
Social Good
OUR COMMITMENT & APPROACH
Rapid7 Cybersecurity Foundation
BUILDING THE FUTURE
Diversity, Equity & Inclusion
EMPOWERING PEOPLE
Open Source
STRENGTHENING CYBERSECURITY
Public Policy
ENGAGEMENT & ADVOCACY
Boston Bruins
Our Partnership
RESEARCH
Sign In
Documentation
InsightConnect
AppSpider
Insight Agent
InsightAppSec
InsightCloudSec
InsightConnect
Insight Platform
InsightIDR
Insight Network Sensor
InsightOps
InsightVM
Metasploit
Nexpose
tCell
Managed Services
Threat Command
Products
Explore Offer
Insight Platform Solutions
Next-Gen SIEM
INSIGHTIDR
Cloud Security
INSIGHTCLOUDSEC
Vulnerability Management
INSIGHTVM
Threat Intelligence
THREAT COMMAND
Dynamic Application Security Testing
INSIGHTAPPSEC
Orchestration & Automation (SOAR)
INSIGHTCONNECT
More Solutions
Penetration Testing
METASPLOIT
On-Prem Vulnerability Management
NEXPOSE
Digital Forensics and Incident Response (DFIR)
Velociraptor
Services
Explore offer
MANAGED SERVICES
Managed Detection and Response
24/7 MONITORING & REMEDIATION FROM MDR EXPERTS
Managed Vulnerability Management
PERFECTLY OPTIMIZED RISK ASSESSMENT
Managed Application Security
SCAN MANAGEMENT & VULNERABILITY VALIDATION
OTHER SERVICES
Product Consulting
QUICK-START & CONFIGURATION
Training & Certification
SKILLS & ADVANCEMENT
Penetration Services
TEST YOUR DEFENSES IN REAL-TIME
IoT Security Testing
SECURE EVERYTHING CONNECTED TO A CONNECTED WORLD
Premium Support
PRIORITY HELP & FASTER SOLUTIONS
Support & Resources
SUPPORT
Support Portal
CONTACT CUSTOMER SUPPORT
Product Documentation
EXPLORE PRODUCT GUIDES
Release Notes
DISCOVER THE LATEST PRODUCT UPDATES
Contact Us
TALK TO SALES
RESOURCES
Fundamentals
FOUNDATIONAL SECURITY KNOWLEDGE
Blog
THE LATEST INDUSTRY NEWS AND SECURITY EXPERTISE
Resources Library
E-BOOKS, WHITE PAPERS, VIDEOS & BRIEFS
Extensions Library
PLUGINS, INTEGRATIONS & DEVELOPER COMMUNITY
Webcasts & Events
UPCOMING OPPORTUNITIES TO CONNECT WITH US
Vulnerability & Exploit Database
SEARCH THE LATEST SECURITY RESEARCH
Company
OVERVIEW
About Us
OUR STORY
Leadership
EXECUTIVE TEAM & BOARD
News & Press Releases
THE LATEST FROM OUR NEWSROOM
Careers
JOIN RAPID7
Our Customers
Their Success Stories
Partners
Rapid7 Partner Ecosystem
Investors
Investor Relations
COMMUNITY & CULTURE
Social Good
OUR COMMITMENT & APPROACH
Rapid7 Cybersecurity Foundation
BUILDING THE FUTURE
Diversity, Equity & Inclusion
EMPOWERING PEOPLE
Open Source
STRENGTHENING CYBERSECURITY
Public Policy
ENGAGEMENT & ADVOCACY
Boston Bruins
Our Partnership
RESEARCH
Sign In
Documentation
InsightConnect
AppSpider
Insight Agent
InsightAppSec
InsightCloudSec
InsightConnect
Insight Platform
InsightIDR
Insight Network Sensor
InsightOps
InsightVM
Metasploit
Nexpose
tCell
Managed Services
Threat Command
Release Notes
Docs Menu
Welcome
What is InsightConnect?
Get Started with InsightConnect
Learn Key Concepts
SOC Automation Success Plan
Days 1 through 15: Get Started with SOC Automation
Days 16 through 45: Link Alerts and Define Use Cases
Days 46 through 90: Customize and Activate Workflows
Supporting Resources
InsightVM + InsightConnect Automation Quick Start Guide
Use Case #1: Vulnerability Intelligence Gathering
Use Case #2: Vulnerability Risk Management Alerts
Use Case #3: Democratize Vulnerability Management
VM Automation Success Plan
Days 1 through 15: Get Started with VM Automation
Days 16 through 45: VM Triggers and Extending VM Use Casess
Days 46 through 90: Customize and Activate Workflows
Supporting Resources
Learn to Build Workflows
Introductory videos
Setup and Deploy an Orchestrator
What is the Insight Orchestrator?
Install and Activate an Orchestrator
System and Network Requirements
Deploying in AWS or Azure with RHEL8
Install Private CA Certificates
Configure an Orchestrator
Configure Proxies
Configure Static IP Address
Install the CentOS Orchestrator
Migrate a CentOS Orchestrator
Troubleshoot an Orchestrator
Command Line Help
Uninstall an Orchestrator
Concepts and Usage
Learn InsightConnect's foundational concepts
Course 1: Introduction to workflows
Course 2: Understand data in InsightConnect with workflow data basics
Course 3: Access data in InsightConnect with Handlebars
Course 4: Introduction to Format Query Language
Course 5: Introduction to loop data and loop outputs
Course 6: Introduction to Snippets
Home Page Widgets
Workflows
InsightConnect Control Panel
InsightConnect Builder
Snippets
Triggers
Input and Output Variables
Nested Variables
Quick Actions
Workflow Steps
Jobs
Most Popular Plugins
InsightConnect REST API
Plugins and Connections
Plugins
Use Plugins
Update Plugins
Cloud Plugins
Free and Open Source Service Plugins
Plugin Use Cases
HTTP Requests
Mass Delete with PowerShell
Python 2 or 3 Script
Connections
Create a Connection
Test a Connection
Troubleshoot a Connection
Connection Setup Guides
Active Directory LDAP
AWS Security Hub
Cisco ASA
CheckPoint NGFW
Fortinet FortiGate
Gmail
Insight Agent
InsightIDR
InsightVM
Jira
Microsoft Azure AD
Microsoft Exchange
Microsoft InTune
Microsoft Office365
Microsoft Office 365 Email Security
Microsoft SCCM
Microsoft Teams
Microsoft Windows Defender ATP
Mimecast
Palo Alto Firewall
ServiceNow
Slack
VirusTotal
Workday
How To
Build a Workflow
Manage Workflows
Import and Export Workflows
Set Up Triggers
Set Up an API Trigger
Set Up an InsightIDR Alert Trigger
Set Up an InsightIDR Attacker Behavior Analytics (ABA) Alert Trigger
Set Up an InsightVM Events Trigger
Set Up a Plugin Trigger
Trigger Workflows with Slack ChatOps
Manage Global Artifacts
Configure Workflow Parameters
Use Workflow Steps
Use an Action Step
Use an Artifact Step
Use a ChatOps Step
Use a Decision Step
Use a Filter Step
Use a Helper Step
Use a Join Paths Step
Use a Loop Step
Use a Pattern Match Step
Use a Rapid7 Insight Solutions Step
Work with Variables
Format Query Language
Format JSON Input
Format Strings with Templates
Test a Workflow
Set Up the InsightConnect App for Splunk
Send InsightConnect Events to InsightIDR
InsightConnect Workflow Best Practices
Plugin Development
Getting Started
Create Custom Plugins
Plugin Development Videos
Plugin Tooling
Plugin Components
Plugin Spec
Running Plugins
SDK Guide
Regenerating Plugins
Style Guide
Error Handling in Integrations
Troubleshooting
Logo
Unit Test Generation
Unit Test Primer
API Files
Troubleshoot
Are you stuck?
Troubleshoot a Workflow
Troubleshoot a Failed Job
Troubleshoot a Plugin
Release Notes
InsightConnect release notes
Support
Contact the Rapid7 Support team
Share an idea with Rapid7
Community
Rapid7 Discussion Community
On This Page
On This Page
Vulnerability Risk Management Alerts Use Case Guide Coming Soon!
Welcome
What is InsightConnect?
Get Started with InsightConnect
Learn Key Concepts
SOC Automation Success Plan
Days 1 through 15: Get Started with SOC Automation
Days 16 through 45: Link Alerts and Define Use Cases
Days 46 through 90: Customize and Activate Workflows
Supporting Resources
InsightVM + InsightConnect Automation Quick Start Guide
Use Case #1: Vulnerability Intelligence Gathering
Use Case #2: Vulnerability Risk Management Alerts
Use Case #3: Democratize Vulnerability Management
VM Automation Success Plan
Days 1 through 15: Get Started with VM Automation
Days 16 through 45: VM Triggers and Extending VM Use Casess
Days 46 through 90: Customize and Activate Workflows
Supporting Resources
Learn to Build Workflows
Introductory videos
Setup and Deploy an Orchestrator
What is the Insight Orchestrator?
Install and Activate an Orchestrator
System and Network Requirements
Deploying in AWS or Azure with RHEL8
Install Private CA Certificates
Configure an Orchestrator
Configure Proxies
Configure Static IP Address
Install the CentOS Orchestrator
Migrate a CentOS Orchestrator
Troubleshoot an Orchestrator
Command Line Help
Uninstall an Orchestrator
Concepts and Usage
Learn InsightConnect's foundational concepts
Course 1: Introduction to workflows
Course 2: Understand data in InsightConnect with workflow data basics
Course 3: Access data in InsightConnect with Handlebars
Course 4: Introduction to Format Query Language
Course 5: Introduction to loop data and loop outputs
Course 6: Introduction to Snippets
Home Page Widgets
Workflows
InsightConnect Control Panel
InsightConnect Builder
Snippets
Triggers
Input and Output Variables
Nested Variables
Quick Actions
Workflow Steps
Jobs
Most Popular Plugins
InsightConnect REST API
Plugins and Connections
Plugins
Use Plugins
Update Plugins
Cloud Plugins
Free and Open Source Service Plugins
Plugin Use Cases
HTTP Requests
Mass Delete with PowerShell
Python 2 or 3 Script
Connections
Create a Connection
Test a Connection
Troubleshoot a Connection
Connection Setup Guides
Active Directory LDAP
AWS Security Hub
Cisco ASA
CheckPoint NGFW
Fortinet FortiGate
Gmail
Insight Agent
InsightIDR
InsightVM
Jira
Microsoft Azure AD
Microsoft Exchange
Microsoft InTune
Microsoft Office365
Microsoft Office 365 Email Security
Microsoft SCCM
Microsoft Teams
Microsoft Windows Defender ATP
Mimecast
Palo Alto Firewall
ServiceNow
Slack
VirusTotal
Workday
How To
Build a Workflow
Manage Workflows
Import and Export Workflows
Set Up Triggers
Set Up an API Trigger
Set Up an InsightIDR Alert Trigger
Set Up an InsightIDR Attacker Behavior Analytics (ABA) Alert Trigger
Set Up an InsightVM Events Trigger
Set Up a Plugin Trigger
Trigger Workflows with Slack ChatOps
Manage Global Artifacts
Configure Workflow Parameters
Use Workflow Steps
Use an Action Step
Use an Artifact Step
Use a ChatOps Step
Use a Decision Step
Use a Filter Step
Use a Helper Step
Use a Join Paths Step
Use a Loop Step
Use a Pattern Match Step
Use a Rapid7 Insight Solutions Step
Work with Variables
Format Query Language
Format JSON Input
Format Strings with Templates
Test a Workflow
Set Up the InsightConnect App for Splunk
Send InsightConnect Events to InsightIDR
InsightConnect Workflow Best Practices
Plugin Development
Getting Started
Create Custom Plugins
Plugin Development Videos
Plugin Tooling
Plugin Components
Plugin Spec
Running Plugins
SDK Guide
Regenerating Plugins
Style Guide
Error Handling in Integrations
Troubleshooting
Logo
Unit Test Generation
Unit Test Primer
API Files
Troubleshoot
Are you stuck?
Troubleshoot a Workflow
Troubleshoot a Failed Job
Troubleshoot a Plugin
Release Notes
InsightConnect release notes
Support
Contact the Rapid7 Support team
Share an idea with Rapid7
Community
Rapid7 Discussion Community
Vulnerability Risk Management Alerts Use Case Guide Coming Soon!
Did this page help you?
Yes
No
Welcome
Use Case #1: Vulnerability Intelligence Gathering
Welcome
Use Case #3: Democratize Vulnerability Management