Smart SOAR Integration

The combined capabilities of Smart SOAR and Rapid7 create stronger cloud security, vulnerability management, and incident response automation. Smart SOAR integrates with both Rapid7 InsightVM and IDR to act as the command center for detecting and managing security risks, powered by orchestrated actions across both tools, automated enrichment of findings, and standardized workflows that ensure best practices are always followed.

Integration Capabilities
Rapid7 InsightVM Execute vulnerability scans and asset lookups from Smart SOAR. Ingest and analyze vulnerability reports.
Rapid7 InsightIDR Ingest, enrich, and orchestrate response to InsightIDR events. Update investigation statuses in InsightIDR from Smart SOAR.

Key Use Cases


Vulnerability Scan Response

Smart SOAR’s integration with Rapid7 InsightVM feeds vulnerability scans into automation-powered response workflows. When InsightVM runs a scan across endpoints and detects a vulnerability, Smart SOAR reads and parses the scan report and generates an incident response playbook. Smart SOAR determines the endpoint on which the vulnerability was found and enriches the report with contextual information, including MITRE ATT&CK TTP correlation. The user can notify the necessary teams from Smart SOAR or generate an IT ticket to schedule a patch or update. If the organization has existing scripts for patch management, Smart SOAR can trigger those directly.

Security Alert Response Automation

By combining Rapid7 IDR for cloud-based threat detection with Smart SOAR for incident enrichment and response, you can easily escalate genuine threats to incident status in Smart SOAR. With data enrichment and orchestration across your entire security stack, you can efficiently respond to real threats. Incident response teams can manage breaches from end-to-end using the Rapid7 IDR and D3 Smart SOAR integration.

Meet Our Friends

Our Connected SOAR Security Alliance brings hundreds of vendors together, allowing customers to benefit from our deep industry relationships and fully vendor-agnostic, independent SOAR platform.

X Rapid7 Integration

Get Started with D3 Security

One platform to stop alert overwhelm. Transform how your security team works, by focusing its resources on real threats.