Skip to Content
InsightvmHIDDEN

Get Started with Custom Policy Editor

InsightVM Policy Editor Preview Program

Welcome to the InsightVM Policy Editor Preview program. You should now have access to the Policy Editor feature. We designed the preview program to get feedback from our customers while we develop new features. Program participants will directly access Rapid7 resources from engineering, user experience, and product management. We’ll also provide a public Slack channel (named #general) for you and other customers to share ideas on policy feature application within InsightVM and discuss solutions. We’d like to thank you for taking the time and effort to participate since your feedback and participation are truly valuable. N​ote​: This preview program is currently available only in US region at this moment. We will let you once it’s available in other regions.

How do I get support for the Policy Editor?

We’ll provide support for the Policy Editor through InsightVM Policy Editor Slack channels. If you have any issues with access or defects or want to request additional enhancements, send a message via your private channel or the #general channel and we’ll be happy to assist you. If you do not have access to Slack, please let us know and we’ll add you or anyone from your organization.

Preview Program Slack Channels Only Support The Policy Editor

The Policy Editor Preview Slack channels provide support only for the preview feature and are not meant for existing features. For issues that are not related to the Policy Editor, use your standard Rapid7 support channels.

Overview

This guide is intended to get you started with the Policy Editor. The Policy Editor will allow you to customize existing rules and tests to create your own custom policy that you can export in SCAP format.

Access the Policy Editor

To access the Policy Editor:

  1. Log in to the ​Insight Platform
  2. Customers with more than one Insight Platform product will need to click the ​InsightVM tile
  3. Access the Policy Editor by copying and pasting this URL into your browser window: https://exposure-analytics.insight.rapid7.com/#/policy/custom

Policy List

After accessing the Policy Editor, you will see the ​Policy List​. This list contains all existing standard policies that InsightVM already supports, as well as any custom policies you create. You can search by

Policy list

policy title or keyword. Check the “Include Custom Policies” box to filter out custom policies. Click the policy name to view information about the policy, including description, rules, and tests. To edit your policy, use the following:

  • Clone and Edit -​ Creates an exact copy of the existing policy, so you can customize the policy
  • Save Changes​ - Saves your custom policy as new from an existing standard policy
  • Edit​ - Edits or overwrites an existing custom policy
  • Delete - ​ Removes the custom policy from your organization’s policy list.

Standard Policies

Standard policies can be exported or cloned, but may not be edited or deleted.

Edit a Custom Policy

After clicking C​lone and Edit​ or ​Edit,​ you are presented with the Policy Editor. Click a rule to view the rule details, which includes check and test information.

Policy edit

Use a Custom Policy in a Scan

Do the following:

  1. From the policy list, click the name of the policy you wish to use
  1. Click ​Export Policy​ to download a zip file containing your policy in standard SCAP format
  2. After your zip file downloads, navigate to P​olicies​ in the left navigation
  3. Click the U​pload Custom Policy​ button
  1. Enter a name and description
  2. To import the policy, drag and drop the zip file you downloaded earlier into the “Select file” section
  3. You can now use the custom policy as part of a scan template
Scan template