The Rapid7 InsightVM integration enables security and compliance teams to continuously monitor vulnerabilities and remediation timelines. It connects Drata to Rapid7 InsightVM so your team can track vulnerability SLA due dates and collect evidence required for compliance monitoring.
Key Capabilities
Vulnerability monitoring: Sync vulnerabilities from Rapid7 InsightVM into Drata
SLA tracking: Monitor vulnerability remediation timelines
Automated evidence collection: Maintain vulnerability data for compliance reports
This integration automates evidence collection for the Vulnerability Scanning test, which is mapped to DCF-18 by default.
After connecting, you can review synced vulnerabilities by selecting View Findings on the connection card or by navigating directly to the Vulnerabilities page in Drata.
Prerequisites & Data Access
Access to your Rapid7 InsightVM account
Ability to generate a Rapid7 API Key
Access to your Rapid7 Base URL
Platform Administrator privileges in Rapid7 may be required to generate the API key
Required Drata Role with Write access: Admin, Workspace Managers, DevOps Engineer
Access Reviewers (read-only: Access Reviewers can view the connection page but can't make changes)
Permissions & Data Table
Permission/Scope | Why It’s Needed |
Rapid7 API Key | Allows Drata to authenticate and retrieve vulnerability data |
Rapid7 Base URL | Identifies the correct Rapid7 instance for the connection |
Platform Administrator privileges | Required to generate the API key in Rapid7 |
Step-by-Step Setup
Step 1: Enable Platform Administrator Privileges (If Needed)
Log in to Rapid7.
Navigate to Settings → User Management → Users.
Open your User Details.
Enable Make this user a Platform Administrator.
Save your changes.
Sign out and sign back in to ensure the new permissions are applied.
Expected outcome: Your account has the permissions required to generate a Rapid7 API key.
Step 2: Generate a Rapid7 API Key
Log in to Rapid7.
Navigate to the API Key generation area in your account settings.
Create a new API key.
Copy and securely store the API key.
Expected outcome: You have the Rapid7 API key required to authenticate the integration.
Step 3: Copy the Rapid7 Base URL
Log in to your Rapid7 InsightVM account.
Navigate to the InsightVM page.
Copy the base URL from your browser address bar.
Example:
If your URL is:
https://us3.exposure-analytics.api.insight.rapid7.com
Your Base URL is:
https://us3.api.insight.rapid7.com
Expected outcome: You have the Rapid7 base URL needed for the connection.
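One way to script Step 3 as a check, added here as an example and not taken from Drata or Rapid7: it derives the base URL from the address-bar URL and rejects anything that is not an https Rapid7 Insight host before the API key is paired with it. The region-label pattern, the `RAPID7_API_KEY` variable name and the helper names are assumptions; `/validate` with the `X-Api-Key` header is Rapid7's Insight Platform key check, not something this page documents.

```python
import re
import urllib.request
from urllib.parse import urlsplit

# Assumption: Insight Platform hosts end in this suffix, as in the page's example.
PLATFORM_SUFFIX = ".insight.rapid7.com"
REGION_RE = re.compile(r"^[a-z]{2}\d?$")  # assumed shape of region labels such as "us3"


def derive_base_url(browser_url: str) -> str:
    """Turn the address-bar URL into the regional API base URL."""
    parts = urlsplit(browser_url.strip())
    host = (parts.hostname or "").lower()
    if parts.scheme != "https":
        raise ValueError("base URL must use https")
    if parts.username or parts.password or parts.port not in (None, 443):
        raise ValueError("unexpected credentials or port in URL")
    if not host.endswith(PLATFORM_SUFFIX):
        raise ValueError(f"{host!r} is not a Rapid7 Insight host")
    region = host.split(".", 1)[0]  # leftmost label carries the region
    if not REGION_RE.match(region):
        raise ValueError(f"unrecognised region label {region!r}")
    return f"https://{region}.api.insight.rapid7.com"


def build_validate_request(base_url: str, api_key: str) -> urllib.request.Request:
    """Build (but do not send) a key check against the derived base URL."""
    # /validate and X-Api-Key come from Rapid7's Insight Platform API, not this page.
    if not api_key or api_key != api_key.strip():
        raise ValueError("API key is empty or has surrounding whitespace")
    return urllib.request.Request(
        f"{base_url}/validate", headers={"X-Api-Key": api_key}
    )


if __name__ == "__main__":
    import os

    # Address-bar URL from the page's example.
    base = derive_base_url("https://us3.exposure-analytics.api.insight.rapid7.com")
    print("Base URL for Drata:", base)
    key = os.environ.get("RAPID7_API_KEY")  # hypothetical variable name
    if key:  # only contacts Rapid7 when a key is supplied via the environment
        req = build_validate_request(base, key)
        with urllib.request.urlopen(req, timeout=10) as resp:
            print("Key check HTTP status:", resp.status)
```

Reading the key from the environment keeps it out of shell history and out of the script itself.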
Step 4: Connect Rapid7 InsightVM in Drata
Log in to Drata → go to the Connections page.
Navigate to your Available Connections.
Search for Rapid7 InsightVM or locate it under the Vulnerability Scanning connection type.
Configure the vulnerability syncing options:
Severity of vulnerabilities
Select the severity levels to sync into Drata.
Critical and High are selected by default.
Drata syncs up to 1,000 new or updated vulnerabilities, ordered by severity.
First seen on
Select the date when vulnerabilities should start syncing.
Vulnerabilities detected on or after this date will be imported.
Enter the following credentials when prompted:
API Key
Base URL
Expected outcome:
Rapid7 InsightVM is successfully connected and vulnerability findings begin syncing into Drata.
Important Notes
Drata syncs up to 1,000 vulnerabilities per connection per day, ordered from Critical to Low severity.
The selected severity levels and date range will also appear in the test result report for visibility.
After connecting, you can review vulnerabilities by:
Selecting View Findings on the connection card, or
Navigating to the Vulnerabilities page in Drata.
If the API key or base URL changes, the connection may need to be updated in Drata.
