Rapid7 Integration with Vulnerability Response and Service Graph Connector
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday - last edited yesterday
If my instance has Vulnerability Response Integration with Rapid7 and also set up 'Service Graph Connector for Rapid7', would the Discovered Item coming in from the VR Integration show a 100% because the SGC already brought in the CMDB data?
Also how does the 'Service Graph Connector for Rapid7' work. Does this store the data in any staging table before it matches with a CI or creates a new CI in CMDB? Also does the SGC create an unclassed CI (like in Unclassed Hardware table)?
Will the SGC ingest all the CI details that the VR integration ingests to Discovery?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
Hi @HelloCAD,
When using both the Vulnerability Response (VR) Integration with Rapid7 and the 'Service Graph Connector for Rapid7' (SGC), the CI data brought in by the SGC should significantly improve the match confidence for Discovered Items from the VR integration, likely resulting in a 100% match. The SGC is designed to populate the CMDB with rich asset data, establishing a strong baseline for the VR integration to match against.
SGC for Rapid7 works by pulling asset inventory data into staging tables within your ServiceNow instance. It then uses the IntegrationHub ETL (Extract, Transform, Load) and the Identification and Reconciliation Engine (IRE) to process this data. The IRE identifies existing CIs to update or creates new CIs, placing them in the correct CMDB class based on defined rules, which helps prevent the creation of unclassed hardware. While the VR integration also brings in CI details, the SGC is purpose-built for comprehensive CMDB population, whereas the VR integration's data is focused on the context needed for vulnerabilities. The two integrations are complementary, with the SGC building the foundational CI data and the VR integration enriching it with vulnerability information.
For further details, refer to the official ServiceNow documentation:
- https://www.servicenow.com/docs/bundle/zurich-servicenow-platform/page/product/secops-integration-vr...
- https://www.servicenow.com/docs/bundle/yokohama-security-management/page/product/secops-integration-...
Hope this helps!
Thanks & Regards,
Muhammad Iftikhar
If my response helped, please mark it as the accepted solution and helpful so others can benefit as well.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
Thank you @M Iftikhar for your response. It was very helpful.
I have one question.
Will the Rapid7 SGC ingest all the assets that the Rapid7 VR integration will scan, or could there be a scenario where certain assets that the VR integration scanned were not ingested by SGC?
