The Rapid7 connector gathers data about device security from either a cloud or on-premises instance of Rapid7. It uses the InsightVM API V3.
- Host name
- MAC address and IP address
- OS type and version
- Asset ID
- Whether a resource has been assessed for vulnerabilities or policies
- Software vendors and products
- Vulnerability status and severity
- Risk scores
- Vulnerability details
- Scan history
- User group and user information
- Counts for vulnerabilities, categorized as: critical, exploits, malware kits, moderate, severe, and total
- Device policy and device policy group information
A Rapid7 connector has the following options:
- Connector name: A name for the connector.
- Connector server name: The name of the connector server that this connector is associated with. Each connector can only be associated with one connector server. If you added the connector to a specific connector server, this field may be populated for you. Otherwise, you can select the connector server from the list.
- Rapid7 URL or server name: The server name for a Rapid7 server that you want to retrieve data from.
- Ignore certificate errors. Allows the connector to use the connection even if there are errors with the certificate. This option is provided primarily for debugging and shouldn't be used long-term.
- Username and password. Credentials.
- Repeats: How often the connector should gather data.
- Start time: The time of day the connector should start running. To minimize the impact on your network and applications, we recommend that connectors generally run at night or on weekends.
- Active: Whether the connector is active or not. While the connector is active, it runs according to the schedule you create. If you clear the check box, the connector is inactive and will not gather data until the check box is enabled again and the connector is saved.
For details on configuring or using connectors, see Setting up connectors.