Rapid7 Products

By pairing InsightIDR with another Rapid7 product, many other features and data become available for analysis and allow you to manage your network and users in new ways.

Nexpose/InsightVM Integration

When you pair Nexpose/InsightVM with InsightIDR, InsightVM identifies and prioritizes weak points on your network while InsightIDR hunts threats by combining user behavior analytics, SIEM, and endpoint capabilities. In combination, you detect malicious behavior earlier in the attack chain and expose user and asset risk, prioritized based on Rapid7's knowledge of attacker behavior. This allows you to measurably reduce your attack surface, detect “unknown-unknowns” in real-time, and save time by knowing where to hunt.

Metasploit Integration

When you pair InsightIDR with Metasploit, specifically its spearphishing campaign, InsightIDR's "User Details" page will display how a user performs in a campaign and will track their interaction with the campaign. You will be able to see how far a user went in the spearphishing campaign, including receiving and opening emails, clicking on the suspicious links, and if they provided their credentials on the spearphish site.

InsightCloudSec Integration

When you pair InsightIDR with InsightCloudSec, you can access to InsightCloudSec's historical cloud event data for logging, analysis, and further investigation. InsightCloudSec (previously DivvyCloud) provides real-time analysis and automated remediation for cloud and container technologies, protecting them from misconfiguration, policy violations, threats, and IAM challenges.

Did this page help you?

Event Source Configuration

Auto Configure

Event Source Configuration

InsightVM