Skip to main content

Rapid7 Insight Platform

The Rapid7 Insight Platform is a cloud-based security solution offering integrated tools for vulnerability management, incident detection, and application security, enhanced by advanced analytics and automation for efficient threat identification and response.

Installation

Configuration in Rapid7 Insight Platform

  1. Go to the Rapid7 Insight Platform.
  2. Click in the gear icon at the top right corner and when the dropdown is opened click on API Keys.
  3. Inside API Key Management -> User Keys, click Generate New User Key. Select your Organization and create a name for your API key. Please make sure the user that generates the API key is Platform Admin. This can be checked inside Settings -> User Management -> Click user -> Navigate to Role Management.
  4. The created API key will be addded to the JupiterOne integration instance configuration. Your API key will be displayed only one time so make sure to copy it before closing the creation modal.
note

It is strongly recommended to enable the Rapid7 Asset Correlation feature. This will allow JupiterOne to correlate assets across different products and services as part of the Unified Device data model.

Configuration in JupiterOne

To install the Rapid7 Insight integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Rapid7 Insight Platform. Click New Instance to begin configuring your integration.

Creating a configuration requires the following:

  • Organization ID: this can be found in Settings -> Organization Settings.

  • API Key: the created API key should be added here.

  • Insight Region: the region to ingest Insight data from. This can be found in the top right cornet of your Rapid7 Insight Dashboard. You should be able to see something like: United States - 2. Valid region codes: us, us2, us3, eu, ca, au or ap.

  • Product Codes to Ingest: Here we will add the Insight product codes to ingest. Please select the products that you want to ingest. The unselected ones will be skipped in the integration steps.

  • The Account Name used to identify the Rapid7 Insight Platform account in JupiterOne. Ingested entities will have this value stored in tag.AccountName when the AccountName toggle is enabled.

  • Description to assist in identifying the integration instance, if desired.

  • Data Source Settigns: here you will be able to customize the steps to be ingested. If desired, specific steps can be enabled/disabled from here.

  • Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as DISABLED and manually execute the integration.

Click Create once all values are provided to finalize the integration.

Next steps

Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.