What is Rapid7 InsightIDR? #
Rapid7 InsightIDR provides a single platform for incident detection and response, authentication monitoring, and endpoint visibility. InsightIDR identifies unauthorized access from external and internal threats and highlights suspicious activity from different data streams.
Why Should You Use the Rapid7 InsightIDR Connector? #
The Rapid7 InsightIDR connector provides visibility into devices and users in your environment. You can use this visibility to:
-
ensure devices and users are managed per your security policies
-
derive relationships between assets, users, and data
How Does This Connector Work? #
Lucidum executes read-only requests to the Rapid7 InsightIDR REST API and ingests only meta-data about Rapid7 InsightIDR assets and users. Lucidum does not retrieve any data stored on InsightIDR.
Configuring the Connector in Lucidum #
|
Field |
Description |
Example |
|---|---|---|
|
URL |
The URL for the Rapid7 InsightIDR API. |
https://us.api.insight.rapid7.com |
|
API Key |
API Key for use by the Lucidum connector. The API key must be an Organization key. For details on generating an API Key, see:Â https://docs.rapid7.com/insight/managing-platform-api-keys/#generate-an-organization-key |
Vp7N7TwDsdfdsFbIuTaSINT84wNCWbODRQ |
|
Assessment Days |
Number of look-back days since the last vulnerability assessment. Default value is 30 |
30 |
Source Documentation #
Creating Credentials #
-
Login as an organization administrator or platform administrator.
-
Generate an Organization API key. For details, see:Â https://docs.rapid7.com/insight/managing-platform-api-keys/#generate-an-organization-key
Required Permissions #
-
InsightIDR Viewer role
