Rapid7 Nexpose and InsightVM
  • 15 Dec 2022
  • 5 Minutes to read
  • Dark
    Light
  • PDF

Rapid7 Nexpose and InsightVM

  • Dark
    Light
  • PDF

Rapid7 Nexpose is an on-premise vulnerability management solution, providing discovery, detection, verification, risk classification, impact analysis, reporting and mitigation.
Rapid7 InsightVM is a cloud-based vulnerability management solution that combines Rapid7’s Insight platform along with Nexpose core capabilities.

Note:

This adapter supports Rapid7 InsightVM API Version 3. If you are using Rapid7 InsightVM API v4 use the Rapid7 InsightVM adapter.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. Host name (required) - The hostname or IP address of the Rapid7 Nexpose/InsightVM server.

  2. Port (required) - Use port 3780.

  3. User name and Password (required) - The credentials for a user account that has the Required Permissions to view site asset data.

  4. Token (for 2FA only) (optional)

    • If supplied, Axonius will use two factor authentication when communicating with the Rapid7 Nexpose/InsightVM server. If you have enabled Two Factor Authentication, specify the Two Factor Authentication token.
    • If not supplied, Axonius will not use two factor authentication when communicating with the Rapid7 Nexpose/InsightVM server.
  5. Fetch tags - Select whether to fetch devices tags from Rapid7 Nexpose/InsightVM.

    • If enabled, Axonius will fetch tags associated with devices data from Rapid7 Nexpose/InsightVM.
    • If disabled, Axonius will not fetch tags associated with devices data from Rapid7 Nexpose/InsightVM.
  6. Fetch installed software - Select whether to fetch installed software from Rapid7 Nexpose/InsightVM.

    • If enabled, Axonius will fetch installed software data from Rapid7 Nexpose/InsightVM.
    • If disabled, Axonius will not fetch installed software data from Rapid7 Nexpose/InsightVM.
  7. Fetch open ports - Select whether to fetch open ports from Rapid7 Nexpose/InsightVM.

    • If enabled, Axonius will fetch open ports data from Rapid7 Nexpose/InsightVM.
    • If disabled, Axonius will not fetch open ports data from Rapid7 Nexpose/InsightVM.
  8. Fetch policies - Select whether to fetch the policies associated with devices from Rapid7 Nexpose/InsightVM.

    • If enabled, Axonius will fetch policies associated with devices from Rapid7 Nexpose/InsightVM.
    • If disabled, Axonius will not fetch policies associated with devices from Rapid7 Nexpose/InsightVM.
  9. Fetch vulnerabilities - Select whether to fetch devices' vulnerabilities from Rapid7 Nexpose/InsightVM.

    • If enabled, Axonius will fetch vulnerabilities data from Rapid7 Nexpose/InsightVM.
    • If disabled, Axonius will not fetch any vulnerabilities data from Rapid7 Nexpose/InsightVM.
  10. Fetch vulnerabilities solutions - Select whether to fetch devices' vulnerabilities solutions names from Rapid7 Nexpose/InsightVM.

    • If enabled, Axonius will fetch vulnerabilities solutions names from Rapid7 Nexpose/InsightVM.
    • If disabled, Axonius will not fetch any vulnerabilities solutions names from Rapid7 Nexpose/InsightVM.
  11. Fetch policies rules - Select whether to fetch the policies rules associated with devices from Rapid7 Nexpose/InsightVM.

    • If enabled, Axonius will fetch policies rules associated with devices from Rapid7 Nexpose/InsightVM.
    • If disabled, Axonius will not fetch policies rules associated with devices from Rapid7 Nexpose/InsightVM.
  12. Site name exclude list (optional) - Specify a comma-separated list of site names to be excluded from data fetch.

    • If supplied, Axonius will not fetch devices from the specified site names.
    • If not supplied, Axonius will fetch devices from all site names.
  13. Number of simultaneous devices (optional) - Set the number of simultaneous devices received from Rapid7 Nexpose/InsightVM server to gain better control on the performance of all connections of for this adapter.

    • If not supplied, Axonius will set the number as 50.
  14. Do not fetch devices with no MAC address and no hostname - Select whether to exclude fetching devices without MAC address and without hostname.

    • If enabled, Axonius will only fetch devices having MAC address or hostname.
    • If disabled, Axonius will fetch devices even if those do not have MAC address and no hostname.
  15. Tag Keys include list (optional) - Enter a comma separated list of specific tags to be fetched.

  16. Verify SSL - Select whether to verify the SSL certificate offered by the value supplied in Host name. For more details, see SSL Trust & CA Settings.

  17. HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in Host name.

  18. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host name via the value supplied in HTTPS Proxy.

  19. HTTPS Proxy Password (optional) - The password to use when connecting to the value supplied in Host name via the value supplied in HTTPS Proxy.

  20. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Rapid7NexposeInsight.png


Advanced Settings

Note:

From Version 4.6, Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Fetch users information for devices (required, default: true) - Select whether to fetch users information for fetched devices.

    • If enabled, all connections for this adapter will fetch also user information that is associated with the fetched devices. For example, Last Used User field.
    • If disabled, all connections for this adapter will not fetch any user information that is associated with the fetched devices.
  2. Use IP address as part of the Axonius ID - Select this option to add the IP address to the device.id value.

  3. Calculate Last Seen from Agent and Scan data - Select this option to populate the Last Seen field with the the greater of the two dates from theLast Scan and Last Agent Import fields.


Note:

For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

APIs

Axonius uses Rapid7 InsightVM API Version 3.

Required Permissions

The value supplied in Username must have Read access to devices.

Creating User and Password Credentials in the Rapid7 Nexpose Admin Panel

To create a read-only username and password credentials for Axonius

  1. Connect to the Rapid7 Nexpose admin panel as an admin, and navigate to the administration panel
    image.png

  2. In the Users panel, click Create to create a new account for Axonius.

    image.png

  3. From the General menu option, fill in the user details.
    If you have enabled Two Factor Authentication, generate a Two Factor Authentication token, to be used in the Rapid7 Nexpose adapter configuration in Axonius.

    image.png

Note:
To enable Two Factor Authentication:
1. As a Global Administrator, navigate to the Administration tab.
2. Click the Administer link in the Global and Console Settings section.
3. Select Enable two factor authentication.
  1. From the Roles dropdown, select User.

    image.png

  2. From the Site Access option, select Allow this user to access all sites.

    image.png

  3. From the Asset Group Access option, select Allow this user to access all asset groups.

    image.png

  4. Click Save and login at least once to the Admin panel. The user is created.


Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.