Implementation/Admin Learning Path
      Back to home
      1. Knowledge Base
      2. Implementation/Admin Learning Path

      How do I integrate Rapid7 InsightVM

      This article details how to create a Rapid7 InsightVM account with the necessary permission to allow the Nopsec Platform to ingest vulnerability findings.

      Prerequisites

      To collect data from Rapid7 InsightVM platforms you must first deploy Nopsec's Virtual Appliance.  Click the following link to review the installation instructions: https://support.nopsec.com/knowledge/how-do-i-install-and-deploy-the-nopsec-containerized-virtual-appliance

      Create a New User Account

      First, you need to create the basic user profile.

      1. Log in to your InsightVM Security Console.

      2. Click the Administration icon on the left-hand navigation pane (it looks like a gear ⚙️).

      3. Under the Users section, click Create.

      4. In the User Configuration screen, enter the user's information, including their Full Name, Login Name, and Email Address.

      5. Select an Authentication method. For local authentication, choose Password. Set and confirm a strong password for the user.

      6. Click Save.

      2. Define a Custom Role with Specific Permissions

      Next, create a new role that contains the exact permissions this user will need.

      1. In the Administration panel, find the Roles section and click Create.

      2. Give the role a descriptive Name, like "Reporting & Asset Viewer". You can also add a Description.

      3. A Role Configuration pop-up window will appear. In this window, you will grant permissions.

      4. Check the boxes for the following permissions:

        • Under the Assets section, select:

          • View Site Asset Data

          • View Group Asset Data

        • Under the Reports section, select:

          • Create Reports

          • Manage Report Templates

      5. Click Save to create the new role.

      3. Assign the Role and Grant Access to Sites & Groups

      Finally, assign the new role to the user you created and specify which sites and asset groups they can access.

      1. Go back to the Administration panel and click on Users.

      2. Find the user you created in Step 1 and click the Edit icon (pencil ✏️) next to their name.

      3. In the User Configuration screen, find the Roles section and select the custom role you just created (e.g., "Reporting & Asset Viewer").

      4. Scroll down to the Site Access section. Select the specific sites you want this user to be able to view asset data for.

      5. Continue to the Asset Group Access section. Select the specific asset groups you want the user to access.

      6. Click Save at the bottom of the page to apply all changes.