In order to integrate with Rapid7 InsightVM you’ll need the credentials (username and password) for a user with access to the Site(s) that you want to monitor through AppSec Phoenix. It’s recommended that you create a user specifically for API access, and don’t activate MFA for its account.
Create a Rapid7 Integration
- On the sidebar menu, navigate to the Scanners tab in the Integrations section.
- Click on the “Add Scanner Integration” button on the right side of the page.
- In the first step, enter a name for this scanner integration and select Rapid7 from the list of available integrations; then click “Next“.
On the second step you need to provide the required details for the scanner integration. In the case of Rapid7 InsightVM you need to provide:
- Server URL: Enter the URL for your InsightVM instance API; typically in the form “https://<domain>:<port>”.
- Username: Enter the Username of the user obtained using the instructions at the start of this article.
- Password: Enter the Password of the user obtained using the instructions at the start of this article.
5. Click on the ‘Create Scanner’ button
After the scanner integration is created the new entry appears on the Scanners list page.
From this point onwards you will be able to select this scanner integration when creating environment Sites.