Rapid7

Serverless Security Stack

This page explains how to make data from the Rapid7 InsightVM integration (Rapid7) appear in the following places within Elastic Security:

Findings page: Data appears on the Vulnerabilities tab.
Alert and Entity details flyouts: Data appears in the Insights section of the Alert and Entity details flyouts.

In order for Rapid7 data to appear in these workflows:

Ensure you have read privileges for the following index: security_solution-*.vulnerability_latest.
Follow the steps to set up the Rapid7 integration.
(Elastic Stack users) Ensure you're on at least v9.1.
Make sure the Rapid7 version is at least 2.0.0.

Note

You can ingest data from the Rapid7 integration for other purposes without following these steps.