IoT Security
Set up Rapid7 InsightVM for Integration
Table of Contents
Set up Rapid7 InsightVM for Integration
Set up Rapid7 for integration with IoT Security through
Cortex XSOAR.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
One of the following Cortex XSOAR setups:
|
When either the Cortex XSOAR cloud or an on-premises
XSOAR engine connects to either a cloud-based or on-premises Rapid7
management system, it must authenticate itself by presenting a valid
username and password belonging to a user account with all security
console permission. It can either use an existing user account or
one that you can create specifically for it.
These integration
instructions assume you have already set up one or more sites and
know where the devices you want to scan are. Although they are based on
Rapid7 InsightVM 6.5.67, you can still use them as a guide if you’re
integrating IoT Security with Rapid7 Nexpose.
- Log in to the security console of your Rapid7 management system.After logging in to the system for the site where you want to scan IoT devices, note the URL. You will need it when configuring the Rapid7 instance in Cortex XSOAR later.
- Create a user account.
- Click Administration and then click Create in the Users section.
- In the General tab, enter the following:User Name: Enter the name for the user account such as IoTSecurity1.Authentication method: InsightVM userFull name: Enter a name such as user1.E-mail address: Enter your email address.Password and Confirm Password: Enter a password for the user account.Passwords must be at least six characters long.Account enable: (select)
- Click Roles and choose Global Administrator from the Role drop-down list.
- Click Site Access and confirm that Allow this user to access all sites is selected.
- Click Asset Group Access and confirm that Allow this user to access all asset groups is selected.
- Save your changes.
