Rapid7 InsightVM provides visibility and risk prioritization for vulnerabilities found in local, remote, cloud, containerized, and virtual infrastructure.
Lucidum uses the Rapid7 Connector to ingest data from Rapid7 InsightVM.
For more information about Rapid7 and Lucidum, see https://lucidum.io/rapid7/.
To use the Rapid7 Connector in Lucidum:
Before configuring the Rapid7 connector in Lucidum, you must create a read-only account in Rapid7 that allows Lucidum to ingest information from Rapid7.
You can then configure the Rapid7 connector in Lucidum and start ingesting data from Rapid7.
NOTE: Lucidum currently supports Rapid7 API Version 3, because Version 3 provides more detailed information than Version 4.
Create a Read-Only Account in Rapid7
To create a read-only username and password credentials:
Login to the Rapid7 administrator panel with an administrator account.
In the users panel, click Create to create a new account
From the General menu option, fill in the user details.
If you have enabled Two Factor Authentication, generate a Two Factor Authentication token
Click the Roles menu option and select the User role.
Click the Site Access menu option and select Allow this user to access all sites.
Click the Asset Group Access menu option and select Allow this user to access all asset groups.
Click Save and log in to the administrator panel. This will create the user.
To enable Two Factor Authentication:
As a Global Administrator, go to the Administration tab.
In the Global and Console Settings section, click the Administer link.
Select Enable two-factor authentication.
Configuring the Rapid7 Connector
To configure Lucidum to ingest data from Rapid7:
Log in to Lucidum.
In the left pane, click Connector.
In the Connector page, click Add Connector.
Scroll until you find the Connector for Rapid7. Click Connect. The Settings page appears.
In the Settings page, enter the following:
URL. The URL of the Rapid7 API. For example, https://lucidum02:3780/api/3/
Port. Optional. For cloud-hosted versions, the default value is 443. For on-premises versions, the default value is 3780.
User name The user name for a user account that has read permission to fetch assets.
Password . The password for a user account that has read permission to fetch assets.
Token. Optional. For two-factor authentication only. If supplied, the Lucidum connector will use two-factor authentication when communicating with the Rapid7 InsightVM server.
Verify SSL. For future use.
To test the configuration, click Test.
If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.
If the connector is not configured correctly, Lucidum displays an error message.
Creating a Read-Only Account
Roles is User.
Site Access is Allow this user to access all sites
Asset Group Access is Allow this user to access all asset groups