Products
- NEW
  Cloud Migration with Unlimited Risk Coverage
  Cloud Risk Complete
  Explore Offer
Services
- NEW
  MDR with Unlimited Incident Response
  Managed Threat Complete
  Explore offer
Support & Resources
- SAVE THE DATE
  Take command of your attack surface on May 21
  TAKE COMMAND | Virtual Summit
  Register Today
Company
RESEARCH
Sign In

Threat Command

Products
- NEW
  Cloud Migration with Unlimited Risk Coverage
  Cloud Risk Complete
  Explore Offer
Services
- NEW
  MDR with Unlimited Incident Response
  Managed Threat Complete
  Explore offer
Support & Resources
- SAVE THE DATE
  Take command of your attack surface on May 21
  TAKE COMMAND | Virtual Summit
  Register Today
Company
RESEARCH

Sign In

Documentation
Threat Command
Release Notes

Welcome

Welcome to Threat Command
Register to Threat Command
Log in to Threat Command
Multi Tenant Threat Management
Rapid7 Product Connections
Customer Support

Threat Command

Threat Command
Architecture Overview
Threat Command Dashboard
Threat Command Quick Start
Strategic Intelligence
Manage Alerts
Remediate an Alert
Threats
Configure Assets
- Asset Types and Formats
- Alerts from Assets
Asset Management
Create Reports
Configurations

Threat Intelligence Platform (TIP)

TIP Overview
TIP Quick Start
TIP Sources
TIP IOCs
TIP Dashboard
Investigation
- View Investigation Map and Overview
- View Investigation Additional Enrichment Data
Threat Library
- Threat Library Related Information
IntelliFind

Vulnerabilty Risk Analyzer (VRA)

Vulnerability Risk Analyzer
Manage Vulnerabilities
- CVE Details
- Export CVEs to a CSV
Vulnerability Alerts

Threat Third-Party

Threat Third Party
Risk Assessment

Automation

Automation
Automate Actions on Alerts
Automate Internal Remediation
- Create IOC Management Rules
- Manage IOC Groups
Alert Profiler

Integrate Devices

Integrate Devices
The Threat Command Virtual Appliance
Integrate Cloud Devices
Integrate On-Premises Devices
Automate Leaked Credentials with Active Directory
- Integrate an Azure Active Directory Device
- Integrate a Microsoft Active Directory
InsightIDR Integration
IntSights App for Splunk
- Splunk App Install, Configure, and Upgrade
IntSights Splunk App for Splunk SOAR (Phantom)
- IntSights Splunk App for Splunk SOAR Installation and Configuration
- IntSights Splunk App for Splunk SOAR Activities
Rapid7 Threat Command App for Elastic SIEM
ServiceNow Security App
ServiceNow ITSM App
IntSights App for IBM QRadar
- IBM QRadar App Installation and Configuration
Integration Appendix

Settings

Update User Profiles
Configure Users
Configure Customers
Subscription Settings, Keys, and API
Authentication Options

IntSights Extend Browser Extension

IntSights Extend Browser Extension
Install and Configure Rapid7 Extend
Manage and Configure Rapid7 Extend
View IOCs and CVEs with Rapid7 Extend

Phishing Watch

Phishing Watch
Website Clone Detection
Website Redirect Detection
IFrame Detection
Phishing Watch Frequently Asked Questions

Welcome

Welcome to Threat Command
Register to Threat Command
Log in to Threat Command
Multi Tenant Threat Management
Rapid7 Product Connections
Customer Support

Threat Command

Threat Command
Architecture Overview
Threat Command Dashboard
Threat Command Quick Start
Strategic Intelligence
Manage Alerts
Remediate an Alert
Threats
Configure Assets
- Asset Types and Formats
- Alerts from Assets
Asset Management
Create Reports
Configurations

Threat Intelligence Platform (TIP)

TIP Overview
TIP Quick Start
TIP Sources
TIP IOCs
TIP Dashboard
Investigation
- View Investigation Map and Overview
- View Investigation Additional Enrichment Data
Threat Library
- Threat Library Related Information
IntelliFind

Vulnerabilty Risk Analyzer (VRA)

Vulnerability Risk Analyzer
Manage Vulnerabilities
- CVE Details
- Export CVEs to a CSV
Vulnerability Alerts

Threat Third-Party

Threat Third Party
Risk Assessment

Automation

Automation
Automate Actions on Alerts
Automate Internal Remediation
- Create IOC Management Rules
- Manage IOC Groups
Alert Profiler

Integrate Devices

Integrate Devices
The Threat Command Virtual Appliance
Integrate Cloud Devices
Integrate On-Premises Devices
Automate Leaked Credentials with Active Directory
- Integrate an Azure Active Directory Device
- Integrate a Microsoft Active Directory
InsightIDR Integration
IntSights App for Splunk
- Splunk App Install, Configure, and Upgrade
IntSights Splunk App for Splunk SOAR (Phantom)
- IntSights Splunk App for Splunk SOAR Installation and Configuration
- IntSights Splunk App for Splunk SOAR Activities
Rapid7 Threat Command App for Elastic SIEM
ServiceNow Security App
ServiceNow ITSM App
IntSights App for IBM QRadar
- IBM QRadar App Installation and Configuration
Integration Appendix

Settings

Update User Profiles
Configure Users
Configure Customers
Subscription Settings, Keys, and API
Authentication Options

IntSights Extend Browser Extension

IntSights Extend Browser Extension
Install and Configure Rapid7 Extend
Manage and Configure Rapid7 Extend
View IOCs and CVEs with Rapid7 Extend

Phishing Watch

Phishing Watch
Website Clone Detection
Website Redirect Detection
IFrame Detection
Phishing Watch Frequently Asked Questions

Add a MISP Server Feed

Configure an MISP server to be used as a source for Threat Command.

Before adding the server, you need the MISP authentication details and API key.

If this feed is available as a private feed, you will benefit more by configuring and enabling it from the Private feeds section.

To add an MISP server to Threat Command:

From the TIP > Sources page, in the MISP Servers section, click Add Feed.
The feed configuration is displayed.
Type the MISP server authentication details, select the confidence level to assign, and paste the API key.
Click Test Credentials.
Click Finish.

Did this page help you?

Threat Intelligence Platform (TIP)

Add a STIX/TAXII Feed

Threat Intelligence Platform (TIP)

CUSTOMER SUPPORT

+1-866-390-8113 (Toll Free)

SALES SUPPORT

+1-866-772-7437 (Toll Free)

Need to report an Escalation or a Breach?

SOLUTIONS

Insight Platform Managed Threat Complete Cloud Risk Complete

SUPPORT & RESOURCES

Product Support Resource Library Our Customers Events & Webcasts Training & Certification Cybersecurity Fundamentals Vulnerability & Exploit Database

ABOUT US

Company Diversity, Equity, and Inclusion Leadership News & Press Releases Public Policy Open Source Investors

CONNECT WITH US

Contact Blog Support Login Careers

Rapid7 Official Cybersecurity Partner of the Boston Bruins

© Rapid7

|

|

|

Trust