Platform
- TECHNOLOGY
  The Rapid7 Command Platform
  AI-Powered Cybersecurity Platform
  Explore
Products
- NEW!
  Exposure Command
  Take Command of Your Attack Surface
  Request Demo
- DETECTION & RESPONSE
- Next-Gen SIEM
  INSIGHTIDR
- Threat Intelligence
  THREAT COMMAND
Services
- MXDR
  Managed Threat Complete
  24x7 MXDR to secure your extended ecosystem
  Request Demo
- DETECTION & RESPONSE
- Managed XDR
  MANAGED THREAT COMPLETE
- Incident Response Services
  EXPERIENCING A BREACH?
Resources
- NEW
  The 2024 Attack Intelligence Report
  Read the latest research by Rapid7 Labs
  READ NOW
Company
Partners
Sign In

InsightVM

Platform
- TECHNOLOGY
  The Rapid7 Command Platform
  AI-Powered Cybersecurity Platform
  Explore
Products
- NEW!
  Exposure Command
  Take Command of Your Attack Surface
  Request Demo
- DETECTION & RESPONSE
- Next-Gen SIEM
  INSIGHTIDR
- Threat Intelligence
  THREAT COMMAND
Services
- MXDR
  Managed Threat Complete
  24x7 MXDR to secure your extended ecosystem
  Request Demo
- DETECTION & RESPONSE
- Managed XDR
  MANAGED THREAT COMPLETE
- Incident Response Services
  EXPERIENCING A BREACH?
Resources
- NEW
  The 2024 Attack Intelligence Report
  Read the latest research by Rapid7 Labs
  READ NOW
Company
Partners

Sign In

Documentation
InsightVM
Release Notes

Get Started

Welcome to InsightVM
Quick Start Guide
- System Requirements
- Download
Tour the Home Page
- Changes to the Security Console Administration page
Service start, stop, and status controls
InsightVM glossary of terms

Cloud Capabilities

Activate your console on the Insight platform
Deploy Additional Consoles
Email Confirmation for Insight Platform Account Mapping
Configure communications with the Insight platform
Using the Insight Agent with InsightVM
Correlate Assets with Insight Agent UUIDs
Modify Security Console Sync Interval
Dashboards
- Global Dashboard Filtering
Cards
- Query in Cards
Remediation Projects
Ticketing Integration for Remediation Projects
- Jira
- ServiceNow
Custom Policy Builder
- Audit Logs
Goals and SLAs
Working with Containers
Query Builder
- Query Operators
Cloud Reporting
- Executive Summary Report
- Create and Manage Reports
InsightVM Platform Login
Quick Actions in InsightVM

Collectors

Collectors in InsightVM
Collector Requirements
Collector Installation and Deployment
Collector Troubleshooting
Collector Proxy Configuration

Automation

Automation Feature Access Prerequisites and Recommended Best Practices
InsightVM Automation Features
Notifications
Automation Workflows
- Microsoft SCCM - Automation-Assisted Patching
- IBM BigFix - Automation-Assisted Patching

Cloud Configuration Assessment

Cloud Configuration Assessment Overview
Create an Amazon Web Services (AWS) Connection for Cloud Configuration Assessment (CCA)
Create a Microsoft Azure Connection for Cloud Configuration Assessment (CCA)
Create a Google Cloud Platform (GCP) Connection for Cloud Configuration Assessment (CCA)

Sites

What is a site?
Creating your first site
Site creation use cases
Create and edit sites
Giving users access to a site
Adding assets to sites
Best practices for adding assets
Deleting sites
Site Detail View

Scan Engines

Scan Engines
Distributed Scan Engines
Post-Installation Engine-to-Console Pairing
External Scanning Service
Scan Engine Pools
Containerized Scan Engine
AWS Scan Engines
Azure Scan Engines
Scan Engine Communication Methods
Scan Engine Data Collection - Rules and Details
Scan Engine Management on the Insight Platform

Scan Templates

Selecting a scan template
Scanning with multiple templates
Scan templates appendix
Authenticated Discovery Scans
Configuring Web spidering

Scan Credentials

Configuring scan credentials
Maximizing security with credentials
Configuring site-specific scan credentials
Managing shared scan credentials
Creating and Managing CyberArk Credentials
Kerberos Credentials for Authenticated Scans
Using SSH public key authentication
Elevating permissions
Database scanning credential requirements
Using LM/NTLM hash authentication
Authentication on Windows: best practices
Authentication on Unix and related targets: best practices
Using PowerShell with your scans

Scan Assistant

Using the Scan Assistant

Alerts and Schedule

Setting up scan alerts
Scheduling scans
Scan blackouts
Exporting your Calendar

Dynamic Discovery

Managing dynamic discovery of assets
Discovering mobile devices
Discovering Amazon Web Services instances
Discovering Microsoft Azure instances
Discovering Virtual Machines Managed by VMware vCenter or ESX/ESXi
Discovering Assets through DHCP Log Queries
Discovering Assets managed by McAfee ePolicy Orchestrator
Discovering vulnerability data collected by McAfee Data Exchange Layer (DXL)
Discovering Assets managed by Active Directory
Creating and managing Dynamic Discovery connections
Initiating Dynamic Discovery
Using filters to refine Dynamic Discovery
Monitoring Dynamic Discovery
Configuring a site using a Dynamic Discovery connection

Other Scanning Resources

Working with Project Sonar
Importing AppSpider scan data
Running a manual scan
Understanding different scan engine statuses and states
Viewing scan results and scan logs
Scan threads and port statuses
Stopping all in-progress scans
Automating security actions in changing environments
Enabling Remote Registry Activation
Configuring scan authentication on target Web applications
- Creating a logon for Web site form authentication
- Creating a logon for Web site session authentication with HTTP headers
Measuring scan performance and time
Scanning a load balancer
Using the Metasploit Remote Check Service

Assess

Assess
Locating and working with assets
Fingerprint certainty
Enabling and disabling Fingerprinting during scans
Applying RealContext with tags
Working with vulnerabilities
Vulnerability metrics explained
Vulnerability exceptions
Policy Manager
Policy rule overrides
Assess with agent-based policies
Agent-based policies - Bulk Export API
Scanning for specific vulnerabilities

Act

Working with asset groups
Performing filtered asset searches
Creating a dynamic or static asset group from asset searches

Report

Working with reports
Report templates and sections
Report creation wizard
Creating a basic report
Viewing, editing, and running reports
Working with risk trends in reports
For ASVs: Consolidating three report templates into one custom template
Distributing, sharing, and exporting reports
Configuring data warehousing settings
Configuring custom report templates
Understanding report content
Working with report formats
Report start times and durations
Upload externally created report templates signed by Rapid7
View Risk Across Cloud and On-Prem Environments
- Executive Risk View Dashboard Cards
Remediate Risk Across Cloud and On-Prem Environments

SQL Query Export

Creating reports based on SQL queries
Understanding the reporting data model: Overview and query design
Understanding the reporting data model: Facts
Understanding the reporting data model: Dimensions
Understanding the reporting data model: Functions
SQL Query Export examples

Tune

Tune
Working with scan templates and tuning scan performance
Configuring custom scan templates
Configuring asset discovery
Configuring service discovery
Selecting vulnerability checks
Selecting Policy Manager checks
Configuring verification of standard policies
Configuring scans of various types of servers
Configuring File Searches on Target Systems
Using other tuning options
Managing certificates for scanning
Creating a custom policy
Uploading custom SCAP policies
Risk Strategies
Adjusting risk with criticality
Sending custom fingerprints to paired Scan Engines
Scan property tuning options for specific use cases

Users and Authentication

Managing users and authentication
Setting password policies
Two factor authentication
LDAP authentication
Kerberos authentication
Configure SSO authentication
Remove an authentication source from InsightVM
How to reset a password

Manage

Managing the Security Console
- Configure HTTPS Options
PostgreSQL 15.6 Database Migration Guide
Using a Proxy Server
Planning a deployment
Database Backup, Restore, and Data Retention
Migrate a Backup to a New Security Console Host
Managing versions, updates, and licenses
- SCAP compliance
- Live Licensing
Setting Up a Sonar Query
Enabling FIPS mode
Using the command console
Troubleshooting
Running the Windows uninstaller
Running the Linux uninstaller
Configuring maximum performance in an enterprise environment
Define your goals
Ensuring complete coverage
Planning your Scan Engine Deployment
Setting up the application and getting started
Planning for capacity requirements
Bulk asset delete operations

Integrations

Amazon Web Services (AWS)
- Amazon Web Services FAQs
- AWS Security Hub
Microsoft Defender for Cloud
Integrate InsightVM with ServiceNow Security Operations
Intergrate InsightVM with Insight Agent
ServiceNow CMDB Data Synchronization
InsightVM Technology Add-On for Splunk

Resources

Resources
RESTful API
Application encryption types
How InsightVM links assets across sites
Using regular expressions
Using Exploit Exposure
Performing configuration assessment
AWS Edition Quick Start Guide
Virtual Appliance Guide
Patching Appliances for Meltdown/Spectre
Recurring vulnerability coverage

Release Notes

InsightVM release notes

Support

Investigate false positives
Contact the Rapid7 Support Team
Share an idea with Rapid7
Finding out what features your license supports

End-of-life Announcements

Container Security End-of-Life announcement
Cloud Configuration Assessment (CCA) End-of-Life announcement
Cloud Configuration Assessment, Container Security, and Built-in Automation Workflows change in feature availability announcement
BeyondTrust (Previously Liberman) Privileged Identity End-of-Life announcement
Manage Engine Service Desk legacy integration End-of-Life announcement
Thycotic legacy integration End-of-Life announcement
Internet Explorer 11 browser support end-of-life announcement
Legacy data warehouse and report database export End-of-Life announcement
Amazon Web Services (AWS) legacy discovery connection End-of-Life announcement
NSX Manager End-of-Life announcement
Legacy CyberArk ruby gem End-of-Life announcement
ServiceNow ruby gem End-of-Life announcement
Legacy Imperva integration End-of-Life announcement
Cisco FireSight (previously Sourcefire) ruby gem integration End-of-Life announcement
Microsoft System Center Configuration Manager (SCCM) ruby gem integration End-of-Life announcement
TLS 1.0 and 1.1 support for Insight solutions End-of-Life announcement
Insight Agent Windows XP support End-of-Life announcement
Insight Agent Windows Server 2003 End-of-Life announcement
Collector JRE 1.7 support End-of-Life announcement

Get Started

Welcome to InsightVM
Quick Start Guide
- System Requirements
- Download
Tour the Home Page
- Changes to the Security Console Administration page
Service start, stop, and status controls
InsightVM glossary of terms

Cloud Capabilities

Activate your console on the Insight platform
Deploy Additional Consoles
Email Confirmation for Insight Platform Account Mapping
Configure communications with the Insight platform
Using the Insight Agent with InsightVM
Correlate Assets with Insight Agent UUIDs
Modify Security Console Sync Interval
Dashboards
- Global Dashboard Filtering
Cards
- Query in Cards
Remediation Projects
Ticketing Integration for Remediation Projects
- Jira
- ServiceNow
Custom Policy Builder
- Audit Logs
Goals and SLAs
Working with Containers
Query Builder
- Query Operators
Cloud Reporting
- Executive Summary Report
- Create and Manage Reports
InsightVM Platform Login
Quick Actions in InsightVM

Collectors

Collectors in InsightVM
Collector Requirements
Collector Installation and Deployment
Collector Troubleshooting
Collector Proxy Configuration

Automation

Automation Feature Access Prerequisites and Recommended Best Practices
InsightVM Automation Features
Notifications
Automation Workflows
- Microsoft SCCM - Automation-Assisted Patching
- IBM BigFix - Automation-Assisted Patching

Cloud Configuration Assessment

Cloud Configuration Assessment Overview
Create an Amazon Web Services (AWS) Connection for Cloud Configuration Assessment (CCA)
Create a Microsoft Azure Connection for Cloud Configuration Assessment (CCA)
Create a Google Cloud Platform (GCP) Connection for Cloud Configuration Assessment (CCA)

Sites

What is a site?
Creating your first site
Site creation use cases
Create and edit sites
Giving users access to a site
Adding assets to sites
Best practices for adding assets
Deleting sites
Site Detail View

Scan Engines

Scan Engines
Distributed Scan Engines
Post-Installation Engine-to-Console Pairing
External Scanning Service
Scan Engine Pools
Containerized Scan Engine
AWS Scan Engines
Azure Scan Engines
Scan Engine Communication Methods
Scan Engine Data Collection - Rules and Details
Scan Engine Management on the Insight Platform

Scan Templates

Selecting a scan template
Scanning with multiple templates
Scan templates appendix
Authenticated Discovery Scans
Configuring Web spidering

Scan Credentials

Configuring scan credentials
Maximizing security with credentials
Configuring site-specific scan credentials
Managing shared scan credentials
Creating and Managing CyberArk Credentials
Kerberos Credentials for Authenticated Scans
Using SSH public key authentication
Elevating permissions
Database scanning credential requirements
Using LM/NTLM hash authentication
Authentication on Windows: best practices
Authentication on Unix and related targets: best practices
Using PowerShell with your scans

Scan Assistant

Using the Scan Assistant

Alerts and Schedule

Setting up scan alerts
Scheduling scans
Scan blackouts
Exporting your Calendar

Dynamic Discovery

Managing dynamic discovery of assets
Discovering mobile devices
Discovering Amazon Web Services instances
Discovering Microsoft Azure instances
Discovering Virtual Machines Managed by VMware vCenter or ESX/ESXi
Discovering Assets through DHCP Log Queries
Discovering Assets managed by McAfee ePolicy Orchestrator
Discovering vulnerability data collected by McAfee Data Exchange Layer (DXL)
Discovering Assets managed by Active Directory
Creating and managing Dynamic Discovery connections
Initiating Dynamic Discovery
Using filters to refine Dynamic Discovery
Monitoring Dynamic Discovery
Configuring a site using a Dynamic Discovery connection

Other Scanning Resources

Working with Project Sonar
Importing AppSpider scan data
Running a manual scan
Understanding different scan engine statuses and states
Viewing scan results and scan logs
Scan threads and port statuses
Stopping all in-progress scans
Automating security actions in changing environments
Enabling Remote Registry Activation
Configuring scan authentication on target Web applications
- Creating a logon for Web site form authentication
- Creating a logon for Web site session authentication with HTTP headers
Measuring scan performance and time
Scanning a load balancer
Using the Metasploit Remote Check Service

Assess

Assess
Locating and working with assets
Fingerprint certainty
Enabling and disabling Fingerprinting during scans
Applying RealContext with tags
Working with vulnerabilities
Vulnerability metrics explained
Vulnerability exceptions
Policy Manager
Policy rule overrides
Assess with agent-based policies
Agent-based policies - Bulk Export API
Scanning for specific vulnerabilities

Act

Working with asset groups
Performing filtered asset searches
Creating a dynamic or static asset group from asset searches

Report

Working with reports
Report templates and sections
Report creation wizard
Creating a basic report
Viewing, editing, and running reports
Working with risk trends in reports
For ASVs: Consolidating three report templates into one custom template
Distributing, sharing, and exporting reports
Configuring data warehousing settings
Configuring custom report templates
Understanding report content
Working with report formats
Report start times and durations
Upload externally created report templates signed by Rapid7
View Risk Across Cloud and On-Prem Environments
- Executive Risk View Dashboard Cards
Remediate Risk Across Cloud and On-Prem Environments

SQL Query Export

Creating reports based on SQL queries
Understanding the reporting data model: Overview and query design
Understanding the reporting data model: Facts
Understanding the reporting data model: Dimensions
Understanding the reporting data model: Functions
SQL Query Export examples

Tune

Tune
Working with scan templates and tuning scan performance
Configuring custom scan templates
Configuring asset discovery
Configuring service discovery
Selecting vulnerability checks
Selecting Policy Manager checks
Configuring verification of standard policies
Configuring scans of various types of servers
Configuring File Searches on Target Systems
Using other tuning options
Managing certificates for scanning
Creating a custom policy
Uploading custom SCAP policies
Risk Strategies
Adjusting risk with criticality
Sending custom fingerprints to paired Scan Engines
Scan property tuning options for specific use cases

Users and Authentication

Managing users and authentication
Setting password policies
Two factor authentication
LDAP authentication
Kerberos authentication
Configure SSO authentication
Remove an authentication source from InsightVM
How to reset a password

Manage

Managing the Security Console
- Configure HTTPS Options
PostgreSQL 15.6 Database Migration Guide
Using a Proxy Server
Planning a deployment
Database Backup, Restore, and Data Retention
Migrate a Backup to a New Security Console Host
Managing versions, updates, and licenses
- SCAP compliance
- Live Licensing
Setting Up a Sonar Query
Enabling FIPS mode
Using the command console
Troubleshooting
Running the Windows uninstaller
Running the Linux uninstaller
Configuring maximum performance in an enterprise environment
Define your goals
Ensuring complete coverage
Planning your Scan Engine Deployment
Setting up the application and getting started
Planning for capacity requirements
Bulk asset delete operations

Integrations

Amazon Web Services (AWS)
- Amazon Web Services FAQs
- AWS Security Hub
Microsoft Defender for Cloud
Integrate InsightVM with ServiceNow Security Operations
Intergrate InsightVM with Insight Agent
ServiceNow CMDB Data Synchronization
InsightVM Technology Add-On for Splunk

Resources

Resources
RESTful API
Application encryption types
How InsightVM links assets across sites
Using regular expressions
Using Exploit Exposure
Performing configuration assessment
AWS Edition Quick Start Guide
Virtual Appliance Guide
Patching Appliances for Meltdown/Spectre
Recurring vulnerability coverage

Release Notes

InsightVM release notes

Support

Investigate false positives
Contact the Rapid7 Support Team
Share an idea with Rapid7
Finding out what features your license supports

End-of-life Announcements

Container Security End-of-Life announcement
Cloud Configuration Assessment (CCA) End-of-Life announcement
Cloud Configuration Assessment, Container Security, and Built-in Automation Workflows change in feature availability announcement
BeyondTrust (Previously Liberman) Privileged Identity End-of-Life announcement
Manage Engine Service Desk legacy integration End-of-Life announcement
Thycotic legacy integration End-of-Life announcement
Internet Explorer 11 browser support end-of-life announcement
Legacy data warehouse and report database export End-of-Life announcement
Amazon Web Services (AWS) legacy discovery connection End-of-Life announcement
NSX Manager End-of-Life announcement
Legacy CyberArk ruby gem End-of-Life announcement
ServiceNow ruby gem End-of-Life announcement
Legacy Imperva integration End-of-Life announcement
Cisco FireSight (previously Sourcefire) ruby gem integration End-of-Life announcement
Microsoft System Center Configuration Manager (SCCM) ruby gem integration End-of-Life announcement
TLS 1.0 and 1.1 support for Insight solutions End-of-Life announcement
Insight Agent Windows XP support End-of-Life announcement
Insight Agent Windows Server 2003 End-of-Life announcement
Collector JRE 1.7 support End-of-Life announcement

RESTful API

Documentation for version 3 of the Security Console's RESTful API is available here:

https://help.rapid7.com/insightvm/en-us/api/index.html

If you have any questions or would like further guidance on usage of the Security Console API, visit the Rapid7 Discussion Community.

Did this page help you?

Application encryption types

CUSTOMER SUPPORT

+1-866-390-8113 (Toll Free)

SALES SUPPORT

+1-866-772-7437 (Toll Free)

Need to report an Escalation or a Breach?

SOLUTIONS

The Command Platform Exposure Command Managed Threat Complete

SUPPORT & RESOURCES

Product Support Resource Library Our Customers Events & Webcasts Training & Certification Cybersecurity Fundamentals Vulnerability & Exploit Database

ABOUT US

Company Diversity, Equity, and Inclusion Leadership News & Press Releases Public Policy Open Source Investors

CONNECT WITH US

Contact Blog Support Login Careers

Rapid7 Official Cybersecurity Partner of the Boston Bruins

© Rapid7

|

|

|

Trust