Rapid7 Threat Command

Rapid7 Threat Command is an external threat intelligence tool that helps users find and mitigate threats targeting organizations.

Asset Types Fetched

  • Devices, Users

Connecting the Adapter in Axonius

Required Parameters

  1. Host Name or IP Address - The hostname or IP address of the Rapid7 Threat Command server.

  2. Account ID and API Key - Account ID and API Key associated with a user account that has permissions to fetch assets.

Optional Parameters

  1. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  2. HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.

  3. HTTPS Proxy User Name - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

  4. HTTPS Proxy Password - The password to use when connecting to the server using the HTTPS Proxy.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Rapid7ThreatCommand

Advanced Settings

📘

Note

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

Endpoints Config

  1. Fetch Devices from CVEs - Enable this to fetch Devices from the CVEs endpoint, which adds Threat Command vulnerability data to Vulnerable Software data.
📘

Note

For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

Supported From Version

Supported from Axonius version 5.0