Exploitable Vulnerabilities

You can connect InsightVM or Nexpose, Rapid7's vulnerability management solutions, with InsightIDR to see all the exploitable vulnerabilities found in your environment. InsightIDR applies user context to vulnerabilities, showing you which users may be "clickbait."

How to View Exploitable Vulnerabilities

On the Assets & Endpoints page, you will see a card that displays the top Exploitable Vulnerabilities on the right, along with the number of assets affected. At the bottom of the card, you can click More to see the top 100 vulnerabilities.

You can also click on the Exploitable Vulnerabilities metric on the "Assets & Endpoints" page to see a complete list.

The Top 100 Vulnerabilities displays information about the exact title, the threat source count, the type of vulnerability, and the number of users and assets affected. You can sort these columns by clicking on them.

Asset Vulnerability Details

When you click on the title of the vulnerability, you will see a detailed page about it. It will display additional information about the type, name, source, and description of the vulnerability.

The "Users" table then displays the name of the user, their department, and their affected asset. You have the option of restrict their asset by clicking on the Target icon.

How to Connect InsightVM or Nexpose

Please see Nexpose/InsightVM Integration for instructions.