Rapid7 InsightVM Integration
Support Statement
This documentation is provided "as is" without support for 3rd party software. The level of support for this integration guide is best effort without any SLA on response time. No 3rd party product support can be provided by Superna directly. 3rd party components require support contracts. See EULA for more details.
Overview
The Rapid7 InsightVM integration provides a custom tag to flag a host as a Data Attack Surface host. This custom tag allows dashboards to report on the Data Attack Surface assets and build a custom site scan schedule for hosts that are dynamically discovered by the Superna Data Attack Surface Manager (DASM). A Data Attack Surface site is created to schedule scans on high-risk hosts with a custom schedule. CVE scan results are fully integrated into the AI prediction model within Superna Data Attack Surface Manager.
Video Overview
Integration Architecture
Configuration
-
The integration requires API access to InsightVM. Once the integration is complete, a new Superna Data Attack Surface site is configured to aggregate data risk score hosts discovered by Superna Data Attack Surface Manager.
-
The configuration files require the following information to authenticate to InsightVM:
# Configuration
USERNAME = "XXXX"
PASSWORD = "YYY"
INSIGHTVM_HOST = "https://X.X.X.X:3780" -
The scheduled scan data retrieval is automated by DASM to build the AI model training data. The results of the AI model are published into the Sites list of assets. The scheduled scan on the site ensures that all Data Attack Surface hosts are scanned for vulnerabilities.
-
Each new Data Risk Score host is synced to the site named Superna Data Attack Surface. In addition, these assets receive a custom tag named
cyberstorage. This allows filtering reports and dynamic assets with the custom tag.
Administration and Operations
Site Management
The Superna Data Attack Surface site configuration shows all assets managed dynamically by DASM using the results of the AI model. The assets tab is updated automatically as the AI model identifies new high-risk hosts.
Dynamic Asset Group Based on Custom Tag
You can create dynamic asset groups using the cyberstorage custom tag. This allows filtering, reporting on, and managing all Data Attack Surface assets as a unified group within InsightVM.
View Vulnerability Trending Over Time
InsightVM tracks vulnerability trends for the Data Attack Surface over time, allowing you to monitor risk score changes as new CVE data is collected and processed.
Reporting and Analysis
InsightVM provides reporting and analysis dashboards for the Data Attack Surface risks discovered through the integration, enabling SecOps teams to prioritize remediation of high-risk hosts identified by Superna DASM.