Rapid7 InsightIDR Integration

The Universal Webhook Data Exporter allows you to integrate Rapid7 Platform products with Binalyze AIR to respond in a specified way when events trigger on the Rapid7 Platform.
Step 1 - Creating A webhook for Rapid7 InsightIDR
  • Visit the Webhooks page in Binalyze AIR,
  • Click the "+ New Webhook" button in the upper right corner,
  • Provide a self-explanatory name,
  • Select "Rapid7 InsightIDR Webhook Parser" as the parser for this webhook,
  • Select an Acquisition Profile when the trigger activates this webhook,
  • Select the Ignore option or leave with its default value (defaults to 24 hours for recurrent alerts for a single endpoint),
  • Provide other settings such as Evidence Repository, CPU Limit, Compression & Encryption to use or let AIR configure them automatically based on the matching policy
  • Click the "Save" button.
Step 2: Create Triggers for InsightIDR
  • From the left menu, go to Data Collection and click Data Exporters.
  • Click Add Data Exporter.
  • Select Universal Webhook as the Data Exporter Type.
  • Choose your collector. You can also name your data exporter if you want. Provide the URL that you previously configured.
  • Add Content-Type: application/json for your webhook HTTP POST request.
  • Select the Alerts checkbox to export asset-specific alerts from InsightIDR.
    • Optionally, trust all certificates or self-signed certificates by selecting the Certificate Settings checkboxes.
  • Click Save
Please refer to Rapid7 documentation for more information.