Rapid7 + D3 Smart SOAR
Manage Vulnerabilities in The Cloud and On-Premise
Rapid7 solutions make it easy to manage vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate operations. The combined capabilities of Smart SOAR and Rapid7 create stronger cloud security, vulnerability management, and incident response automation.
Expert-Built and Maintained Integrations
D3’s integration team takes the burden of coding, troubleshooting, and updating integrations off your hands. As a vendor-agnostic SOAR provider, we are able to dig deep into Rapid7’s technology to build two important integrations.
- Rapid7 InsightVM: Execute vulnerability scans and asset lookups from Smart SOAR. Ingest and analyze vulnerability reports.
- Rapid7 InsightIDR: Ingest, enrich, and orchestrate response to InsightIDR events. Update investigation statuses in InsightIDR from Smart SOAR.
Use Case 1
Vulnerability Scan Response
Smart SOAR’s integration with Rapid7 InsightVM feeds vulnerability scans into automation-powered response workflows. When InsightVM runs a scan across endpoints and detects a vulnerability, Smart SOAR reads and parses the scan report and generates an incident response playbook.
- Smart SOAR determines the endpoint on which the vulnerability was found and enriches the report with contextual information, including MITRE ATT&CK TTP correlation.
- The user can notify the necessary teams from Smart SOAR or generate an IT ticket to schedule a patch or update.
- If the organization has existing scripts for patch management, Smart SOAR can trigger those directly.
Use Case 2
Security Alert Response Automation
By combining Rapid7 IDR for cloud-based threat detection with Smart SOAR for incident enrichment and response, you can easily escalate genuine threats to incident status in Smart SOAR. With data enrichment and orchestration across your entire security stack, you can efficiently respond to real threats.
- Incident response teams can manage breaches from end-to-end using the Rapid7 IDR and D3 Smart SOAR integration.
- Orchestrate across unlimited third-party tools.
- Manage complex investigations from a single interface.
Why Smart SOAR?
Joint users of Rapid7 and D3 Smart SOAR don’t just get vulnerability management and incident response automation; they also get the countless other features that make Smart SOAR the leading independent SOAR solution, including:
Expert-built codeless integrations across the stack
Tier 1–3 Automation, based on deep research into the capabilities of common tools
The Event Pipeline, which reduces alert volume by up to 98%
Cross-dimension correlation, which acts across tools, timeframes, TTPs, and artifacts
Rapid7 Integration: Summary
Integrations Done the Right Way
An unlimited number of pre-built integrations, expertly maintained by the largest technical team in security automation. Thoroughly researched, tested and built—and delivered for free. Always.