Rapid7 Vulnerability Management (InsightVM) Import

Integrate your Rapid7 Vulnerability Management (InsightVM) Vulnerability Management cloud software account so you can import CVEs to Rapid7 Digital Risk Protection (Threat Command).

In addition to importing CVEs, you can enable the import of host information (host name, IP address, and last scan date). This data, which gives a better understanding of which assets are affected by each CVE, is displayed in the Affected Assets tab for each imported CVE.

During the integration setup, you will need this information from your Vulnerability Management (InsightVM) instance:

• Data Storage Region - https://docs.rapid7.com/insightvm/configure-communications-with-the-insight-platform/  - https://docs.rapid7.com/insight/managing-platform-api-keys/#generate-an-organization-key 
• Organization (API) key - https://docs.rapid7.com/insight/managing-platform-api-keys/#generate-an-organization-key 

Import CVEs from Rapid7 Vulnerability Management (InsightVM) to Digital Risk Protection (Threat Command)

Import CVEs so you can manage them in Digital Risk Protection (Threat Command). CVEs are imported from 30 days back.

To import CVEs:

1. From the Digital Risk Protection (Threat Command) main menu, select Automation > Integrations.
2. From the Integrations  window, click Cloud.
3. Click Add new device.
4. Type a user-defined name for the device.
   The name can contain a maximum of 50 letters, spaces, numbers, and underscores.
5. For the Device type, select Rapid7 Vulnerability Management (InsightVM).
6. Select the region that matches the Data Storage Region from the Rapid7 InsightsVM instance.
7. Enter the API key for the Rapid7 Vulnerability Management (InsightVM) account.
8. (Optional) To enable the display of host information, select Enable collection of host information.
9. It is recommended to click Test Credentials to ensure that the credentials are valid.
   If the credentials are not valid, a message is displayed.
10. Click Add.

The new device is added to the cloud integrations device list. Next to the device name, there is a red dot, indicating that communication has not yet been established. The dot will change to green when the device is synchronized.

Integration credentials are checked periodically. An email message will be sent to the Rapid7 administrator if credentials have expired.

Edit Rapid7 Vulnerability Management (InsightVM) integration

You can edit the Rapid7 Vulnerability Management (InsightVM) connection credentials.
To edit a connection:

1. From the Digital Risk Protection (Threat Command) main menu, select Automation > Integrations.
2. From the Integrations  window, click Cloud.
3. Select the integration to update.
   The integration details are displayed.
4. (Optional) You can enable or disable the collection of host information.
5. Make necessary corrections, then click Test Credentials.
   If the credentials are not valid, a message is displayed.
6. Click Save.