InsightGovCloud overview
Everything you need to know to get started with InsightGovCloud, Rapid7’s FedRAMP offering.
Overview and feature availability
The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring of cloud products and services. Its goal is to ensure that cloud services used by federal agencies meet stringent security requirements, reducing risk and ensuring consistent protection of government data.
FedRAMP compliance means you can be confident that InsightGovCloud has undergone rigorous review against federal security baselines.
Configurations from existing Rapid7 installations are not transferrable
The InsightGovCloud offering requires a brand new installation. Therefore, no data or configurations can be migrated from existing environments.
Included features and capabilities
InsightGovCloud provides federal customers with secure access to several of Rapid7’s core solutions. These solutions are designed to help assess, monitor, and improve your security posture in a way that is compliant and secure.
Feature availability within InsightGovCloud
Some Rapid7 features are not available for InsightGovCloud customers due to stricter security regulations and compliance rules. If you have any questions about your permissions, please contact your Platform Administrator or Rapid7 Support .
These core capabilities are available to you as an InsightGovCloud user:
Vulnerability Management (InsightVM)
Our Vulnerability Management capability brings together Rapid7’s library of vulnerability research knowledge, global attacker behavior, internet-wide scanning data, exposure analytics, and real-time reporting. Learn more about Vulnerability Management .
Automation (InsightConnect)
Automate workflows across IT and Security cloud apps, on-premise systems, employees, and administrators. Learn more about Automation .
Cloud Security (InsightCloudSec)
Protect even the most complex multi-cloud and container environments from misconfiguration, policy violations, threats, and identity and access management (IAM) challenges. Learn more about Cloud Security .
Rapid7 Command Platform
The central hub of your Rapid7 experience, providing a single view into your attack surface, risk posture, threat response, and your whole security program. Use the Command Platform to manage services-customer and user accounts, product license provisioning, RBAC-authorization, and authentication. Learn more about Command Platform .
Rapid7 Agent (Insight Agent)
The Rapid7 Agent gives you endpoint visibility and detection by collecting live system information—including basic asset identification information, running processes, and logs—from your assets and sending this data back to the Command Platform for analysis. Learn more about Rapid7 Agent .
Excluded features
These features are not available to InsightGovCloud users.
| Excluded feature(s) | Affected capability |
|---|---|
| Context Actions (SIEM (InsightIDR) and Remediation Hub); Homepage Dashboards; Upload of Custom Plugins; Pre-built workflows; Connection to Extension Library | Automation (InsightConnect) |
| Authentication Servers; Misconfigurations (formerly Compliance Scorecard); Access Explorer (deprecated for all customers) | Cloud Security (InsightCloudSec) |
| Audit Logging; RBAC Custom Roles (but none of FedRAMP products are using this feature currently); Executive Risk View (ERV); Remediation Hub | Command Platform |
| Platform Collector; The Windows version of the Rapid7 Agent with a FIPS-certified module (ARM64 architecture) | Endpoint |
| Audit Logging (Policy Builder); Built-in Automation Workflows; Cloud Configuration Assessment (CCA); Collectors; Container Security; Metasploit; On-demand Assessment (Splunk Technology Add-On); Webspider | Vulnerability Management (InsightVM) |
Built-in automation workflows from Vulnerability Management are not transferrable
If you are an existing Vulnerability Management (InsightVM) customer, any existing built-in automation workflows that you use can’t be transferred to your InsightGovCloud environment.
New automation workflows can be configured by customers who purchase an Automation (InsightConnect) license.
Scope of InsightGovCloud
Rapid7 FedRAMP authorization applies to:
- InsightGovCloud system components
- Supporting services that are hosted in InsightGovCloud
- External FedRAMP-authorized systems
Connections to and from the Vulnerability Management (InsightVM) Security Console do fall under FedRAMP authorization.
However, since the Security Console is hosted on-premises, you—the customer—are responsible for ensuring that your deployment, and any applications installed on it, meet your own compliance requirements.
Rapid7 is responsible for Security Console patching only
It is your responsibility, as the customer, to handle Security Console configuration, scanning, and ongoing maintenance. Read the Security Console Best Practices .
Splunk and InsightGovCloud
The Splunk integration is not currently available for use in the InsightGovCloud environment.
If you require more information, please contact your Rapid7 Customer Success Advisor (CSA).