: Integrate IoT Security with Rapid7
Focus
Focus

Integrate IoT Security with Rapid7

Table of Contents

Integrate
IoT Security
with Rapid7

Integrate
IoT Security
through
Cortex XSOAR
with Rapid7.
IoT Security
continuously and passively monitors network traffic in real time to do the following:
  • Discover the vendor, model, OS, and serial number of the network-connected devices
  • Detect the presence of security measures such as endpoint protection on devices
  • Identify anomalous behavior using machine-learning algorithms
  • Assess risk by correlating indicators with known vulnerabilities
In addition,
IoT Security
integrates with third-party vulnerability scanners such as Rapid7 InsightVM and Nexpose. You can perform on-demand vulnerability scans to get deeper insights into device vulnerabilities or when
IoT Security
detects anomalous behavior warranting investigation of particular devices. Such targeted scans complement the passive monitoring that
IoT Security
performs on network traffic by uncovering vulnerabilities on open ports that aren’t generating traffic. IoT Security incorporates the scan results such as CVEs into its ongoing risk score assessments.
When you initiate a vulnerability scan from the
IoT Security
portal, it sends a command through
Cortex XSOAR
to either a Rapid7 management system in the cloud or on premises, depending on how it’s deployed. The management system then relays the scan command to a Rapid7 scanner, which performs the vulnerability scan on the targeted device. At regular intervals,
Cortex XSOAR
imports scan results and uploads them in a PDF report to
IoT Security
. The two integration workflows are illustrated step-by-step below.
You can later send detected vulnerabilities to a CMMS (computerized maintenance management system) as work orders for tracking and resolving.
Integrating with Rapid7 requires either a full-featured Cortex XSOAR server or the purchase and activation of an
IoT Security
third-party integration add-on license, which comes with a free cohosted Cortex XSOAR instance. The basic plan includes a license for three integration add-ons, one of which can be used for Rapid7. The advanced plan includes a license for all supported third-party integrations.

Recommended For You