Enterprise
runZero integrates with Rapid7 Nexpose by importing files that were exported from your Nexpose instance.
Getting started with Rapid7 Nexpose
To use the Rapid7 Nexpose integration, you’ll need to:
- Download an XML Export or XML Export 2.0 report from Nexpose.
- Import the Nexpose files through the inventory pages.
Requirements
Before you can set up the Nexpose integration:
Step 1: Export Nexpose vulnerability scan report
- Log in to Nexpose with the account being used for the runZero integration.
- Go to the Reports page and select
Create a report.
- From the Export tab, select either XML Report or XML Report 2.0.
- Set the scan, asset, asset group, or site scope.
- Click
Save & Run the Report.
- When the report completes, save the report to a local file.
Step 2: Import the Nexpose files into runZero
- Go to the Inventory page in runZero.
- Choose Import > Nexpose XML Export (.xml) from the list of import types.
- On the import data page:
- Choose the site you want to add your assets to.
- Set tags to apply to the imported assets (optional).
- Set the severity and risk levels to ingest (optional).
- Set the Fingerprint only toggle to
Yes if you want vulnerability records to be ingested for fingerprint analysis but not stored in your runZero vulnerability inventory (optional).
Step 3: View Nexpose assets and vulnerabilities
After a successful sync, you can go to your inventory to view your Nexpose assets. These assets will have a Rapid7 icon listed in the Source column.
The Nexpose integration gathers details about vulnerabilities detected in addition to enriching asset inventory data. Go to Inventory > Vulnerabilities to view the vulnerability data provided by Nexpose.
To filter by Rapid7 assets, consider running the following queries:
Click into each asset to see its individual attributes. runZero will show you the attributes gathered from the Nexpose scan file.