• Welcome
    • Welcome to Digital Risk Protection (Threat Command)
    • Register to Digital Risk Protection (Threat Command)
    • Log in to Digital Risk Protection (Threat Command)
    • Multi Tenant Threat Management
    • Rapid7 Product Connections
    • Customer Support
  • Digital Risk Protection (Threat Command)
    • Digital Risk Protection (Threat Command)
    • Architecture Overview
    • Digital Risk Protection (Threat Command) Quick Start
    • Threat Summary
    • Manage Alerts
      • View Alert Information
      • Filter and Search Alerts
      • Perform Actions on Multiple Alerts
      • Change Alert Severity
      • Change Alert Status
      • Assign Alerts
      • Add a Watcher to Alerts
      • Flag Alerts
      • Mark Alerts as Read or Unread
      • Add or Remove Alert Tags
      • Share Alerts
      • Exclude Irrelevant Domains
      • View Alert Details
      • View Alert History
      • Ask an Analyst About an Alert
      • Add Notes to an Alert
      • Add a Document to an Alert
      • See the Alert ID
      • Visit an Alert Source Site
      • Preview an Alert Source Site
      • Export Alerts to a CSV
      • Manage the Summary Alert
    • Remediate an Alert
      • Initiate a Takedown Remediation
      • Initiate a Report Remediation
      • Initiate a Blocklist Remediation
      • Evidence Best Practice Guidelines
      • Additional Monitoring and Protection Steps
      • During a Remediation
      • Manage Remediations
    • Threats
      • View Threat Details
      • Filter and Search Threats
      • View Threat Decision Parameters
      • Upgrade a Threat into an Alert
      • View the Timeline of Events Related to a Threat
      • Investigate a Threat
      • Export Threats to a CSV
      • Phishing Threats
      • Mobile Applications Threats
      • Exploitable Data Threats
      • Public Repositories Threats
      • Social Media Threats
      • Data Leakage Threats
      • Dark Web Threats
    • Strategic Intelligence
    • IntelliFind
    • Create Reports
    • Configure Assets
      • Asset Types and Formats
      • Alerts from Assets
    • Asset Management
    • Configurations
      • Customize General Options
      • Prepare for Remediation
      • Configure the Phishing Watch
  • Threat Intelligence (Intelligence Hub)
    • Overview
    • Quick Start
    • IOC Summary
    • IOCs
    • Investigation
      • View Investigation Map and Overview
      • View Investigation Additional Enrichment Data
    • Threat Library
      • Threat Library Related Information
    • Sources
      • Add IOCs to Sources
      • Add the CrowdStrike Feed
      • Add a STIX/TAXII Feed
      • Add a MISP Server Feed
    • Integrations
  • Vulnerabilty Risk Analyzer (VRA)
    • Vulnerability Risk Analyzer
    • Manage Vulnerabilities
      • CVE Details
      • Export CVEs to a CSV
    • Vulnerability Alerts
  • Threat Third-Party
    • Threat Third Party
    • Risk Assessment
  • Automation
    • Automation
    • Automate Actions on Alerts
      • Global Policy Rules
      • Digital Risk Protection (Threat Command) Policy Rules
      • Edit Policy Rules
    • Automate Internal Remediation
      • Create IOC Management Rules
      • Manage IOC Groups
    • Alert Profiler
      • Alert Profiler Rule Creator
      • Phishing Scenario Rule Conditions
      • Exploitable Data Scenario Rule Conditions
      • Public Repositories Scenario Rule Conditions
      • Brand Security Scenario Rule Conditions
      • Data Leakage Scenario Rule Conditions
      • Attack Indication Scenario Rule Conditions
      • Decision Parameters
      • Aggregate Alerts
      • Create Alerts from Events
      • Manage Excluded Domains
  • Integrate Devices
    • Integrate Devices
    • The Digital Risk Protection (Threat Command) Virtual Appliance
      • Virtual Appliance Deployment and Set-Up
      • Optional OVA Configuration
      • Enable IOC Communication from Digital Risk Protection (Threat Command) to the Device
      • Add a Device to the Virtual Appliance
      • Determine the Version of Virtual Appliance
    • Integrate Cloud Devices
      • Integrate an ArcSight REST Cloud Device
      • Integrate a Carbon Black Response Cloud Device
      • Integrate a Check Point R80.x Cloud Device
      • Integrate a Cisco Firepower Cloud Device
      • Integrate a CrowdStrike Falcon Insight Cloud Device
      • Integrate a Fortinet FortiGate Cloud Device
      • Integrate a Fortinet FortiSIEM Cloud Device
      • Integrate a LogRhythm SIEM Cloud Device
      • Integrate a McAfee ESM Cloud Device
      • Integrate a Microsoft Azure Sentinel Cloud Device
      • Integrate a Microsoft Office 365 Cloud Device
      • Integrate a MISP Cloud Device
      • Integrate a Palo Alto Networks Panorama Cloud Device
      • Import CVEs from Qualys Integration
      • Rapid7 Vulnerability Management (InsightVM) Import
      • Integrate a Splunk Enterprise Security Cloud Device
      • Pull IOCs from the Rapid7 TAXII server
      • Import CVEs from Tenable.io Integration
    • Integrate On-Premises Devices
      • Integrate an ArcSight REST On-Premises Device
      • Integrate a Carbon Black Response On-Premises Device
      • Integrate a Check Point R80.x On-Premises Device
      • Integrate a Cisco Firepower On-Premises Device
      • Integrate a FireEye Endpoint Security (HX Series) On-Premises Device
      • Integrate a Fortinet FortiGate On-Premises Device
      • Integrate a Fortinet FortiManager On-Premises Device
      • Integrate a Fortinet FortiSIEM On-Premises Device
      • Integrate an IBM QRadar On-Premises Device
      • Integrate a LogRhytm SIEM On-Premises Device
      • Integrate a McAfee ESM On-Premises Device
      • Integrate a Palo Alto Networks Panorama On-Premises Device
      • Integrate a Splunk Enterprise Security On-Premises Device
      • Integrate a Splunk Standalone On-Premises Device
      • Integrate a Symantec ProxySG On-Premises Device
      • Integrate a Websense On-Premises Device
      • Integrate a Zscaler Internet Access On-Premises Device
    • Automate Leaked Credentials with Active Directory
      • Integrate an Azure Active Directory Device
      • Integrate a Microsoft Active Directory
    • SIEM (InsightIDR) Integration
    • IntSights App for Splunk
      • Splunk App Install, Configure, and Upgrade
    • IntSights Splunk App for Splunk SOAR (Phantom)
      • IntSights Splunk App for Splunk SOAR Installation and Configuration
      • IntSights Splunk App for Splunk SOAR Activities
    • Rapid7 Digital Risk Protection (Threat Command) App for Elastic SIEM
    • ServiceNow Security App
      • ServiceNow Security App Installation and Configuration
      • ServiceNow Security App Incidents and Correlating IOCs
      • ServiceNow Security App Administration
    • ServiceNow ITSM App
      • ServiceNow ITSM Installation
      • ServiceNow ITSM Configuration
      • ServiceNow ITSM Use Cases
      • ServiceNow ITSM Support, Troubleshooting, and Known Behaviors
    • IntSights App for IBM QRadar
      • IBM QRadar App Installation and Configuration
    • Integration Appendix
      • General Configuration
      • Upgrade the Digital Risk Protection (Threat Command) virtual appliance
      • Install a New Certificate
      • Change Existing ArcSight Configuration
      • Change Check Point Device Blade Configuration
      • Virtual Appliance Hardening
  • Settings
    • Update User Profiles
    • Configure Users
    • Configure Customers
    • Subscription Settings, Keys, and API
    • Authentication Options
      • Configure Azure AD SSO
      • Configure Generic SAML SSO
      • Configure Okta SSO
      • Configure PingOne SSO
      • Enable SP-Initiated User Login
      • Provision Users with JIT
  • Rapid7 Extend Browser Extension
    • Rapid7 Extend Browser Extension
    • Install and Configure Rapid7 Extend
    • Manage and Configure Rapid7 Extend
    • View IOCs and CVEs with Rapid7 Extend
  • Phishing Watch
    • Phishing Watch
    • Website Clone Detection
    • Website Redirect Detection
    • IFrame Detection
    • Phishing Watch Frequently Asked Questions

Digital Risk Protection (Threat Command)”
Copy link

This section describes the Digital Risk Protection (Threat Command) module of Rapid7 Digital Risk Protection (Threat Command).

For the quickest way to get started to manage alerts, skip to Digital Risk Protection (Threat Command) Quick Start.

The Digital Risk Protection (Threat Command) module includes the following functions:

  • Managing alerts
  • Remediating alert
  • Monitoring threats
  • Configuring assets
  • Creating reports
  • Updating user profile details
  • © Rapid7
    • Legal Terms
    • Privacy Policy
    • Export Notice
    • Trust