Automox Plugin for Rapid7 InsightConnect

InsightConnect is the Rapid7 Security Orchestration Automation and Response (SOAR) product.

The Automox plugin for Rapid7 InsightConnect provides the ability for teams to orchestrate daily IT operations tasks such as device management, triggering remote outcomes on endpoint devices, and Automox platform administration. Through the use of the plugin, teams can build workflows to orchestrate repeatable tasks and streamline integrations between Vulnerability Management and Patch Management teams.

Key features of the plugin include:

  • Retrieve and manage Automox managed devices
  • Manage Automox groups
  • Initiate Vulnerability Sync uploads and remediation of issues
  • Trigger workflows based on Automox platform events

The latest version of the plugin can be found on the Rapid7 Extension library.

Vulnerability Sync Workflow

This pre-built workflow automatically imports the vulnerability detection reports from InsightVM through InsightConnect into Automox. This workflow can be found in the Rapid7 Extension Library:

When you use this method, remediation teams do not need to coordinate the export of Rapid7 InsightVM/Nexpose vulnerabilities report from their security teams. In addition, you do not need to manually upload a vulnerability report into Automox.

When the imported report is ready, you can continue with the vulnerability process from the point of observing the mapping process until it is complete and taking actions. Follow the description in our Vulnerability Sync documentation: Syncing the Imported Report.

Slack and Teams Workflow

The InsightConnect plugin also allows you to display the device details from Automox in your ChatOps tools: Slack and Teams. The two workflows and documentation on using them can be found on the Rapid7 Extension library:

For more information about these topics:

Related Topics: