runZero integrates with Rapid7 Nexpose by importing files that were exported from your Nexpose instance.

Getting started with Rapid7 Nexpose

To use the Rapid7 Nexpose integration, you’ll need to:

  1. Download an XML Export or XML Export 2.0 report from Nexpose.
  2. Import the Nexpose files through the inventory pages.


Before you can set up the Nexpose integration:

  • Verify that you have runZero Enterprise.
  • Make sure you have access to the Nexpose portal.

Step 1: Export Nexpose vulnerability scan report

  1. Log in to Nexpose with the account being used for the runZero integration.
  2. Go to the Reports page and select Create a report.
  3. From the Export tab, select either XML Report or XML Report 2.0.
  4. Set the scan, asset, asset group, or site scope.
  5. Click Save & Run the Report.
  6. When the report completes, save the report to a local file.

Step 2: Import the Nexpose files into runZero

  1. Go to the Inventory page in runZero.
  2. Choose Import > Nexpose XML Export (.xml) from the list of import types.
  3. On the import data page:
    • Choose the site you want to add your assets to.
    • Set tags to apply to the imported assets (optional).
    • Set the severity and risk levels to ingest (optional).
    • Set the Fingerprint only toggle to Yes if you want vulnerability records to be ingested for fingerprint analysis but not stored in your runZero vulnerability inventory (optional).

Step 3: View Nexpose assets and vulnerabilities

After a successful sync, you can go to your inventory to view your Nexpose assets. These assets will have a Rapid7 icon listed in the Source column.

The Nexpose integration gathers details about vulnerabilities detected in addition to enriching asset inventory data. Go to Inventory > Vulnerabilities to view the vulnerability data provided by Nexpose.

To filter by Rapid7 assets, consider running the following queries:

Click into each asset to see its individual attributes. runZero will show you the attributes gathered from the Nexpose scan file.