Rapid7 Integration

Edward14
Kilo Contributor

Has anybody implemented the new Rapid7 to ServiceNow api? 

Run into any issues? Any suggestions? best practices? 

Any documentation?

thanks in advance!

1 ACCEPTED SOLUTION

Lord Omicron
Giga Expert

find_real_file.pngHi Eddie,

A number of folks here have as have I. Here are some steps and things to look out for:

  • Determine the right version of the integration app as they are slightly different depending on your instance version. 
  • Download all the available documentation from the SNow Store.
  • Read through the installation instructions and documentation BEFORE doing anything else.
  • Create a checklist of steps you need to accomplish.
  • Verify that you have all the dependencies covered (for example, if you're using Nexpose and not InsightVM, you need to have the Data Warehouse feature enabled and stood up).
  • Examine each integration task and configure as needed. 
  • Take a look at the Data Warehouse Schema if you are deploying it. 
  • Setup your Vulnerability Groups and Risk Scoring strategy in ServiceNow BEFORE running the integration to import from Nexpose/InsightVM. 

I am not linking to specific docs since I don't know what version actually applies to you. We are in Kingston so the documentation is slightly different. Just go to the store page, change to the application version for your instance and download all the docs. 

Relevant link:

Rapid7 Integration for Security Operations

View solution in original post

4 REPLIES 4

jing3
Mega Guru

We had implemented Rapid 7 to ServiceNow integration with standard Warehouse approach. With API it should be much easier. We did run into some issue with upgrade, the new release on the store should have addressed the issue. Documentations are accurate.

Customize your configuration to control how much data you want to bring over. Initial data imports may be long depends on how much data you bring over. 
 
 

Lord Omicron
Giga Expert

find_real_file.pngHi Eddie,

A number of folks here have as have I. Here are some steps and things to look out for:

  • Determine the right version of the integration app as they are slightly different depending on your instance version. 
  • Download all the available documentation from the SNow Store.
  • Read through the installation instructions and documentation BEFORE doing anything else.
  • Create a checklist of steps you need to accomplish.
  • Verify that you have all the dependencies covered (for example, if you're using Nexpose and not InsightVM, you need to have the Data Warehouse feature enabled and stood up).
  • Examine each integration task and configure as needed. 
  • Take a look at the Data Warehouse Schema if you are deploying it. 
  • Setup your Vulnerability Groups and Risk Scoring strategy in ServiceNow BEFORE running the integration to import from Nexpose/InsightVM. 

I am not linking to specific docs since I don't know what version actually applies to you. We are in Kingston so the documentation is slightly different. Just go to the store page, change to the application version for your instance and download all the docs. 

Relevant link:

Rapid7 Integration for Security Operations

duldej
Kilo Contributor

I tested my API key elsewhere and it's operational, but the SNOW integration keeps giving me an error about the key.

I have the same issue.
You found a solution for this at the end?
Thanks in advance