Login
    Contents x
    Rapid7 InsightVM
    • 29 Feb 2024
    • 4 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Rapid7 InsightVM

    • Updated on 29 Feb 2024
    • 4 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Rapid7 InsightVM provides visibility and risk prioritization for vulnerabilities found in local, remote, cloud, containerized, and virtual infrastructure.

    Note:

    Axonius uses the InsightVM Cloud Integrations API. This API refers to InsightVM API v4. If you use a previous version of InsightVM that supports Rapid7 InsightVM API v3, use the Rapid7 Nexpose and InsightVM adapter.

    Types of Assets Fetched

    This adapter fetches the following types of assets:

    • Devices

    Parameters

    1. Domain (required, default: us.api.insight.rapid7.com) - The domain of the Rapid7 InsightVM server. The default domain is us.api.insight.rapid7.com. This value may vary depending on your Rapid7 accounts 'region'. More information is available under Rapid7 Supported Regions.
    2. API Key (required) - An API Key associated with a user account that has permissions to fetch assets.
    3. API Version (required, default: v4/integration) - Select the API version from the dropdown.
      • V4 (Preferred API Version) - Used to fetch data using the Version 4 API.
      • Experimental - Used to fetch additional data using the Experimental API, such as Vulnerability Status. This option is not recomended for use by Axonius. If the experimental API is offline, the adapter will fall back to using the V4 API.
      Note:

      When experimental is selected, the Fetch Software - Experimental Advanced Setting has no effect on the fetch results.

    4. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
    5. HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in Domain.
    6. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Domain via the value supplied in HTTPS Proxy.
    7. HTTPS Proxy Password (optional) - The password to use when connecting to the value supplied in Domain via the value supplied in HTTPS Proxy.

    To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

    Rapid7InsightVM


    Advanced Settings

    Note:

    Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

    1. Exclude devices missing all of the following: IP, Hostname, MAC (optional) - Select this option to exclude devices with no MAC address, no hostname, and no IP address from the fetch. If the devices have none of these fields it is not fetched.

    2. Tag Keys Include list (optional) - Specify a comma-separated list of Tag Keys in Rapid7 InsightVM. When supplied, all connections for this adapter will only fetch devices from Rapid7 InsightVM with the Tag Keys provided in this list.

    3. Do not fetch devices without Last Seen and no hostname (optional) - Select this option to exclude devices in which Last Seen or hostname information is unavailable.

    4. Do not fetch devices without a MAC address or Hostname (optional) - Select this option to exclude devices without a MAC address or hostname from the fetch. When the option is cleared, Axonius will fetch devices even if they do not have a MAC address or hostname.

    5. Fetch Software - Experimental (optional) - Select to fetch the software used by a device via the Get Asset Endpoint.

      Note:

      Rapid7 reports that this endpoint is experimental and subject to change at any time. No guarantee is made that revised versions of this endpoint will be backward compatible.

    6. Remediated vulnerabilities comparison date (optional) - Select a date in which device vulnerabilities are compared to determine if they were subsequently patched. For example, a device had vulnerable software on December 10, 2022. The software was updated on January 10, 2023, remediating the vulnerability; if the selected comparison date is January 1, 2023, then the vulnerability information is fetched and considered a remediated vulnerability.
      If no date is selected, then remediated vulnerabilities aren't fetched.

    7. Deduplicate devices - This API often yields the same device multiple times (matching MAC, hostname, IP). Enable this option to choose only the device with the latest last-seen timestamp.

    8. Only fetch devices if they have a MAC address and a hostname and an IP address - Select this option to only fetch devices that have both a MAC address, and a hostname and an IP address.

    Note:

    To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.


    APIs

    Axonius uses the InsightVM Cloud Integrations API. This API refers to InsightVM API v4. If you use a previous version of InsightVM that supports API v3, use the Rapid7 Nexpose and InsightVM adapter.

    Required Ports

    Axonius must be able to communicate with the value supplied in Host Name or IP Address via the following ports:

    • TCP port 443


    Troubleshooting

    Make sure you perform monthly maintenance and tuning on your On-Premise Rapid7 Postgresql database as explained by Rapid7. This ensures optimzed Axonius fetch performance.


    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout