InSightVM and Ivanti Service Manager Integration

InsightVM and Ivanti Service Manager Integration helps in reducing security risk for your organization by early detection of security vulnerabilities through automated Workflow and Schedule Entry.

Integration Process

Prerequisites

•Install the Security Operations Package available in Ivanti Marketplace.

•You should have InSightVM installed on your computer and have necessary data (assets and sites) in your InSightVM application that you will be integrating with ISM. For more information, see InSightVM help.

Enable the global constant

1.Open the Configuration console > Global Constants.

2.In the Value field of Rapid7 API Key, enter the API key. You need to get this information from your InSightVM account. For more information, see Managing API Keys documentation in InSightVM help.

Modify the Schedule Entry

With the Security Operations Package you installed, the Schedule Entry - Integration Fetch New Vulnerabilities Daily is available. You can modify this Schedule Entry as per your business need.

1.Log in to Service Manager.

2.Click More, search and open the Schedule Entry Business Object.

3.Open the Integration Fetch New Vulnerabilities Daily Schedule Entry.

4.Modify the following fields of the Schedule Entry as to when you would like to schedule the Workflow - Rapid7 Integration Fetch Vulnerabilities to scan security vulnerabilities:

•Start Time and End Time

•Start Date and End Date

•Recur Every

5.Click Save.

Publish the Workflow

With the Security Operations Package you installed, the workflow - Rapid7 Integration Fetch Vulnerabilities is available with all necessary Quick Actions and Web Services already configured. However, you need to publish the workflow for the first time for it to take effect.

1.Open the Configuration console and select Business Objects.

2.Search and open the Schedule Entry Business Object.

3.Click Workflows tab and open the Rapid7 Integration Fetch Vulnerabilities workflow.

4.Click Publish and Ok to confirm publishing the workflow.

The integration setup is complete. The workflow will be triggered as scheduled and security threats and vulnerabilities will be detected and listed in the Site Configuration, Discovered Assets, and Vulnerabilities workspaces. Security Incidents are automatically created for vulnerabilities of high risk.