Set additional filter parameters for Rapid7 InsightVM imports

Watch

Save as PDF

Share this page

Feedback

Security Operations

HomeXanadu Security ManagementSecurity OperationsAttack surface management applicationsVulnerability ResponseVulnerability Response integrationsUnderstanding the Rapid7 Vulnerability IntegrationSet additional filter parameters for Rapid7 InsightVM imports

Table of Contents

Set additional filter parameters for Rapid7 InsightVM imports

Release version:
Xanadu
Yokohama
Washington DC
Vancouver
UpdatedAug 1, 2024
2 minutes to read

Xanadu
Vulnerability Response

Customize the filtering parameters for your scheduled queries with the Rapid7 Integration for Security Operations to help you further refine the vulnerability data you import with the Rapid7 InsightVM product.

Before you begin

Use cases: As a vulnerability manager or analyst, you might want to filter data from your queries so that you can review only specific vulnerability details. For example, you might want to view only imported vulnerabilities that are Critical and Severe.

To help you gather this data, you add Rapid7 parameters to help you import the specific vulnerability details you need.

Without adding additional API calls or coding, starting with v13.4, feature permits you to customize your HTTP Request information with Rapid7 InsightVM parameters in your ServiceNow AI Platform. The following Rapid7 InsightVM Integrations support filtering by adding JSON content in the request body:

Rapid7 InsightVM Vulnerable item Integration API
Rapid7 InsightVM Vulnerability Integration API
Rapid7 InsightVM

You should know how to use JSON strings for this feature.

Role required: sn_vul.vulnerability_admin

Procedure

Locate the parameters supported by the Rapid7 InsightVM product on the Rapid7 developer site that you want to use for your filtering.

You can create the parameters for the request body by referring to the Rapid7 documentation. Parameters and values you enter from the Rapid7 InsightVM product are supported only at the integration instance level.
Navigate to All > Rapid7 Vulnerability Integration > Administration > Integrations.
On the Rapid7 Integrations list page, click the record for the Rapid7 InsightVM integration that you want to open it.
On the right of the page, click the information icon (I) for REST message followed by Open Record.
With the HTTP Request tab selected, Under HTTP Methods, in the Name column, click an item to open its HTTP Query parameters.
Under HTTP method record, under HTTP Query Parameters, in the Content field, enter the parameter values you found on the Rapid7 developer site.

In the following image, the string for severity is added.

If you want to enter more than one parameter, refer to the Rapid7 documentation for more information about how to separate each value.
Click Update.

Was this topic helpful?

Yes No

Initiate rescan for the Rapid7 Vulnerability Integration

Understanding the Shodan Exploit Integration

Initiate rescan for the Rapid7 Vulnerability Integration

Understanding the Shodan Exploit Integration

Xanadu Security Management

Filters

Versions

Products