Rapid7 Insight VM¶
Cyderes supports the ingestion of asset and vulnerability data from the Rapid7 Insight VM api. For more information regarding Rapid7 Insight VM, please visit their website.
Chronicle Data Types¶
- RAPID7_INSIGHT
Requirements¶
API Key Permissions¶
In order for Cyderes to begin ingesting asset and vulnerability data from the Rapid7 platform, an API key should be generated through your Insight account.
Note
Please consult the below documentation regarding API key management on how to generate a key and the different kinds of keys there are.
It is recommended that you generate a specific Cyderes user key as the organization key has very open permissions. However, the user must have Platform Admin permissions. These are the least privileges supported by the API at this time.
API URL¶
Rapid7 provides multiple API regions which ingestion of logs may happen in. It is important that Cyderes is provided with your API region URL for ingestion to be successful.
For example: https://us.api.insight.rapid7.com
for US1, https://us2.api.insight.rapid7.com
for US2, or https://eu.api.insight.rapid7.com
for the EU region.
If your API region is not listed in the URL you can refer to the Rapid7 documentation on how to find your region
The full list of regions can be found in the Rapid7 Regions Documentation
Gather Information¶
Please provide the following information to Cyderes in order to complete the integration:
- API Key
- API URL
For more information regarding the Rapid7 InsightVM API, please reference their documentation.