Rapid7 Integration

XGEN SOAR Integration

The combined capabilities of D3 SOAR and Rapid7 create stronger cloud security, vulnerability management, and incident response automation. D3 integrates with both Rapid7 InsightVM and IDR to act as the command center for detecting and managing security risks, powered by orchestrated actions across both tools, automated enrichment of findings, and standardized workflows that ensure best practices are always followed.

Integration Capabilities
Rapid7 InsightVM: Execute vulnerability scans and asset lookups from D3. Ingest and analyze vulnerability reports.
Rapid7 InsightIDR: Ingest, enrich, and orchestrate response to InsightIDR events. Update investigation statuses in InsightIDR from D3.

Key Use Cases

#1: Vulnerability Scan Response

D3’s integration with Rapid7 InsightVM feeds vulnerability scans into automation-powered response workflows. When InsightVM runs a scan across endpoints and detects a vulnerability, D3 reads and parses the scan report and generates an incident response playbook. D3 determines the endpoint on which the vulnerability was found and enriches the report with contextual information, including MITRE ATT&CK TTP correlation. The user can notify the necessary teams from D3 or generate an IT ticket via D3 to schedule a patch or update. If the organization has existing scripts for patch management, D3 can trigger those directly.
#2: Security Alert Response Automation

By combining Rapid7 IDR for cloud-based threat detection with D3 SOAR for incident enrichment and response, you can automatically escalate real threats to incident status in D3 and assess their criticality through data enrichment and MITRE ATT&CK matrix correlation. D3 can then trigger an automated response playbook or guide human analysts efficiently through manual steps, all within a single window. When Rapid7 alerts trigger D3’s automated workflows and full-lifecycle playbooks for incident response, analysts no longer have to manually coordinate dozens of triage and response tasks. Response occurs in seconds, not hours.