Install the Rapid7 Vulnerability Integration

  • Release version: Xanadu
  • Updated August 1, 2024
  • 3 minutes to read

    • After you complete the set up steps for the integration so that it properly integrates with Vulnerability Response, get entitlements, download, and install the application on your ServiceNow AI Platform® instance.

    Before you begin

    Roles required: admin for downlaod and installation, sn_vuln.admin oversees configuration and verifies expected results.

    1. See Preparing for the Rapid7 Vulnerability Integration, Set up for the Rapid7 data warehouse Integration and Set up for the Rapid7 InsightVM Integration for more information about the integration types and setup requirements for the Rapid7 Vulnerability Integration.
    2. Complete the following setup checklist prior to download and installation. These setup tasks are required for a smooth installation and configuration.
    3. After the application is activated, follow the steps listed below to configure the Rapid7 Vulnerability Integration.
    Note:
    This process applies only to applications that are downloaded to production instances. If you're downloading applications to non-production or development instances, it's not necessary to get entitlements. Proceed to Activate a ServiceNow Store application.
    Setup tasks Description
    Verify that the Vulnerability Response application is installed and activated.

    To verify that this application is activated, navigate to Subscription Management > Subscriptions in your instance. The list displays the subscriptions your organization has purchased.

    If the application is not installed and activated see, Install Vulnerability Response.
    Verify that you have the required ServiceNow AI Platform roles for your instance. The following roles are required for installation, configuration, and verification of expected results.

    Persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For an initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.

    • The system administrator [admin] installs the app. If not already assigned, the admin assigns the Vulnerability Admin [sn_vul.vulnerability_admin or sn_vul.admin] role.
    • The vulnerability admin oversees configuration and verifies expected results.

    The Rapid7 admin role is inherited when you are assigned an administrative role in the Vulnerability Response (VR) application.
    Validate your instance sizing based on the number of vulnerable items you expect to import. An undersized instance can lead to long load times. If you do not know the size of your instance, contact Customer Service and Support.
    Set up filtering

    Use filtering to limit the number of items for initial import and phase your deployment by adjusting filters in subsequent imports.
    Disable Vulnerability Calculators If you do not use vulnerability calculators, Disable the default vulnerability calculator if not used, in addition to any others you have defined. Vulnerability calculators run every time a vulnerable item record is created or updated, and can impact initial import performance.
    Keep default value for run-as user There is a configured run-as user for each integration record. The default value for this user is VR.System. Do not change this value.
    Using host tags If you plan to use host tags in Vulnerability Response Assignment or Remediation Task Rules, run the Rapid7 Asset List integration prior to creating rules.
    Deduplicate existing data records When migrating from the Data Warehouse integration type to the InsightVM type you can deduplicate your existing data warehouse records. See Deduplicate Rapid7 Vulnerability Integration data warehouse records for more information.

    Procedure

    1. Log in to the instance you want to install the Rapid7 Vulnerability Integration application on.
    2. Navigate to the ServiceNow Store and log in.
    3. In the ServiceNow Store, search for the Rapid7 Vulnerability Integration application.
      Note:
      In the ServiceNow Store, the application is called, Rapid7 Integration for Security Operations. This application requires a subscription.
    4. Click the application tile.
      Detailed information about the application you are installing is displayed.
      Note:
      Consider reading the Other Requirements and Dependencies sections, as applicable.
    5. Click Request App and enter your Now Support login credentials.
    6. Click Get.
    7. Enter the Instance Name and Reason for the Instance, and click Validate Instance.
    8. Click Request.
      You will receive an email with detailed installation instructions.
    9. In your ServiceNow AI Platform instance, navigate to System Applications > All Applications > All.
    10. Locate the application, select it, and click Install.
      In the Install dialog, your dependency status is displayed. If you require a dependency application, the application you need is displayed. Follow the prompts in dialog to install the Rapid7 Vulnerability Integration application on your instance.
      Note:
      The vulnerability admin can now complete the configuration of the application. See Configure the Rapid7 Vulnerability Integration.