HERE'S WHY
Connecting Rapid7 InsightVM to Drata enables automated, continuous monitoring and evidence collection for the dozens of vulnerability-management requirements needed for compliance.
Connecting InsightVM syncs any reports generated in the platform into Drata, where they can be attached as evidence to the various vulnerability-related controls. After a successful setup, you can view the synced reports by clicking the ‘View Reports’ button on the connection card.
BEFORE DIVING IN
These reports will not be automatically mapped as evidence for any controls, as we know many customers have more than just vulnerability reports in their Rapid7 InsightVM instances. So, once the correct report is synced, you must directly attach it to the control.
Rapid7 InsightVM reports are only accessible through an InsightVM console server. To enable this integration, the console must be reachable from a public network, and access must be granted to the Drata IP addresses (found here) so that Drata can pull reports.
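Exposing the console to a public network should be limited to the Drata addresses only. The script below is an added example (not part of Drata's or Rapid7's documentation) that renders an nftables ruleset admitting only an allowlist of source ranges to the console port; it assumes the InsightVM default console port 3780, and the addresses in EXAMPLE_ALLOWLIST are constructed placeholders that you would replace with the published Drata ranges.

```shell
#!/bin/sh
# Added example: generate an nftables ruleset that restricts the InsightVM
# console port to an explicit source allowlist (Drata egress addresses).
# Assumption: the console listens on TCP 3780, the InsightVM default.

CONSOLE_PORT=3780

# Constructed placeholder ranges (RFC 5737 documentation space), one CIDR per
# line, with comments allowed. Substitute Drata's published IP addresses here.
EXAMPLE_ALLOWLIST='# Drata egress ranges (placeholders)
203.0.113.10/32
198.51.100.0/24'

# render_ruleset: reads CIDRs from stdin, prints an nftables ruleset to stdout.
# Returns 1 if the allowlist is empty, so an empty file never yields open rules.
render_ruleset() {
    # Drop blank lines and comments, then join the rest into an nft set literal.
    set_members=$(grep -Ev '^[[:space:]]*(#|$)' | paste -s -d ',' -)
    if [ -z "$set_members" ]; then
        echo "render_ruleset: allowlist is empty, refusing to render" >&2
        return 1
    fi
    cat <<EOF
table inet insightvm_console {
    set drata_egress {
        type ipv4_addr
        flags interval
        elements = { $set_members }
    }
    chain input {
        type filter hook input priority 0; policy accept;
        # Only allowlisted sources may reach the console; every other source is dropped.
        tcp dport $CONSOLE_PORT ip saddr @drata_egress accept
        tcp dport $CONSOLE_PORT drop
    }
}
EOF
}

# Stand-alone use: render the ruleset for the embedded sample allowlist.
if [ "${1:-}" = "--demo" ]; then
    printf '%s\n' "$EXAMPLE_ALLOWLIST" | render_ruleset
fi
```

Pipe the output into `nft -f -` on the console host once the placeholder ranges are replaced; keep the drop rule so that the console is never reachable from sources outside the set.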
The Drata monitoring test “Record of Vulnerability Scans” interacts with this integration. When a report from Rapid7 is linked to the control “Quarterly Vulnerability Scan” (DCF-18), the monitor will pass.
HERE'S HOW
Overview of what we're going to set up:
Acquire the hostname of the server hosting your Rapid7 InsightVM console
Prepare to enter the username and password of an account with access to reports
Connect your Account
With the server hostname and user credentials in hand, open the Rapid7 integration tile and input the gathered information.
If successful, you will see it appear in the ‘Vulnerability Scanning’ section of your Active connections.
To view the reports being synced, click the ‘View Findings’ button to see the list of reports synchronized from the console.
If some items are not yet present, you may need to click the ‘Resync’ button and wait for the report to be loaded. Drata will email you to let you know when a synchronization has completed.