Rapid7 Vulnerability Management
Connector name |
|
Connector type | Executable |
Type (UI field value) | Rapid7 InsightVM/Nexpose |
Target system versions supported / tested | The |
Connector status / support | Customer-Verified Clients may contact Bravura Security support for assistance with this connector. Troubleshooting and testing must be completed in the client's test environment as Bravura Security does not maintain internal test environments for the associated target system. |
The following Bravura Security Fabric operations are supported by this connector (depending on your product license and version):
update subscriber attributes/password
List:
service accounts
For a full list and explanation of each connector operation, see connector operations.
Preparation
Setting up a target system administrator
Bravura Security Fabric uses a designated account on Rapid7 InsightVM/Nexpose to perform Bravura Security Fabric operations. Create an account with appropriate permissions if one does not already exist.
Targeting the Rapid7 InsightVM / Nexpose system
For each Rapid7 InsightVM system, add a target system in Bravura Security Fabric (Manage the System > Resources > Target systems).
Type is Rapid7 InsightVM/Nexpose .
Address uses the following options:
Server The IP address/domain name of the server.
(key: server)
Port The port number of the server.
(key: port)
Connection over SSL Select to enforce SSL connections. Default is true.
(key: ssl)
Validate the server’s certificate when connecting Determine whether to validate the server’s security certificate for SSL connections. Default is true.
(key: checkCert)
HTTP Network Proxy Specifies a proxy URL to use for connecting.
(key: proxy)
The address is entered as follows:
{server=<server>;port=<port>/[;ssl=<true|false>;checkCert=<true|false>;proxy=<proxy>]}
The full list of target system parameters is explained in Target System Options .
Troubleshooting
If a password randomization is triggered and the password reset fails, the following error may appear in the logs for the [updateresource] operation:
The property 'portRestriction' requires property 'hostRestriction'to be specified.According to the REST API documentation for the method used to update shared credential’s password, hostRestriction cannot be empty when portRestriction is defined.
In the list of attributes in the target list file, check to see if portRestriction or hostRestriction are listed.
If the portRestriction attribute is listed, then you will need to either add a value for hostRestriction for the shared credential in Rapid7 Nexpose or remove the value specified for hostRestriction.
You will need to run auto discovery again prior to attempting another password randomization.
On Rapid7 version 6.5.97, Microsoft SQL Server and Sybase database credentials cannot be updated when a domain value is defined. The following error may appear in the logs:
The property 'domain' requires property 'useWindowsAuthentication' to be specified to true.The REST API incorrectly returns false for ’useWindowsAuthentication’. In order to update this credential, the domain value should be undefined.
On Rapid7 version 6.5.97, it is not possible to update Kerberos credentials as the REST API does not return the ’realm’ value. The following error may appear in the logs:
The property 'realm' must not be empty for the 'KerberosAccount' object.Shared or site credentials that do not have an explicit password field cannot be updated, such as hash or community names.