Authentication
      Back to home
      1. Radiant Help Center
      2. Getting Started
      3. Authentication

      Rapid7 Insight IDR Webhook

      Set up the Rapid7 Insight IDR Webhook data connector.

      Overview

      This configuration integrates the Rapid7 Insight IDR universal webhook with the Radiant Security data connector. This establishes a secure data connection between Rapid7 and Radiant Security, allowing for seamless data integration for enhanced security analytics and insights.

       In this guide, you’ll configure the data connector by complete the following:

      Important note: This configuration requires switching between the Rapid7 Insight IDR and Radiant Security platforms to gather different information needed for each step. Please follow the instructions carefully to successfully complete this configuration.

      Prerequisites

      This configuration requires that you have admin access to your Rapid7 Insight IDR account.

      Create the user and API key in Rapid7 Insight IDR

      1. In Rapid7 Insight IDR, in the upper right hand corner, click Settings > Users. Untitled

       
      2. Click Create User. Untitled(1)

       
      3. Under User Details, add the fields for First Name, Last Name, and Email then click Next. Untitled(1)(1)

       
      4. Click the Manage Individual Permissions tab.  
      5. On the Products tab, click the toggle to enable InsightIDR. Untitled(2)

       
      6. Click the Roles tab, select the InsightIDR Analyst and Log Search Admin roles checkboxes. Untitled(3)

       
      7. Click Save to save the user.
      		  
      8. Next, login as the newly created user. In the upper right hand corner, click Settings > API Keys. Untitled(4)

       
      9. Click Generate New User Key. Untitled(5)

       
      10. Select your organization and provide a Name (Radiant Security) and click Submit.
      		  
      11. Click Copy to copy the API Key value. Untitled(4)(1)

       

      Important note: Ensure that you copy and save the API key value now as you won't be able to look it up again later. You will need to provide it to Radiant Security to complete the configuration. 

      Add the Connector in Radiant Security (Part 1)

      Begin the configuration process for the data connector in Radiant Security.

      1. Login to Radiant Security.  
      2. From the navigation menu, select Settings > Data Connectors.  
      3. Click + Add Connector.  
      4. Search for and select the Rapid7 Insights IDR connector and then click Data Feeds. Captura de Tela 2024-02-08 às 09.30.45

       
      5. Under Select your data feeds, select Rapid7 Insights IDR (Webhook), then click Credentials. Captura de Tela 2024-02-08 às 09.30.59

       
      6. Under Credential Name, add a name.  
      7. Under Required Credentials, add the following:
      • Rapid7 Investigation API Token: Add the API Token that you copied from Rapid7 Insight IDR.
      		 Captura de Tela 2024-02-08 às 09.31.34

       
      8. Keep this page open, you’ll return to it after to add the Rapid7 Webhook HMAC Secret and finalize creating the data connector.  

      Create the webhook and obtain the HMAC Secret in Rapid7 Insight IDR

      Obtain the HMAC Secret from Rapid7.

      1. In Rapid7 Insight IDR, click Data Collection > Data Exporters > Add Data Exporter.Untitled(6)
      2. Under Select Data Exporter Type, select Universal Webhook, then copy the Secret.Untitled(7)
      3. Keep this page open, you’ll return to it to add the URL after you copy it from Radiant Security.

      Add the connector in Radiant Security (Part 2)

      Now that you’ve obtained the HMAC secret for the webhook, you’ll finalize configuring the data connector in Radiant Security.

      1. Return to where you left off configuring the Rapid7 Insights IDR (Webhook) data connector in Radiant Security. Captura de Tela 2024-02-08 às 09.38.47

       

      2. Under Required Credentials, add the following:

      • Rapid7 Webhook HMAC Secret: Paste the webhook Secret you copied from Rapid7 Insight IDR.

       
      3. Click Add Connector to finalize the creation of the data connector.  
      4. Once the connector is created, click View Details. Captura de Tela 2024-02-08 às 09.28.53

      5. Copy the following:

      • Token
      • Webhook URL
      		 Captura de Tela 2024-02-08 às 09.35.18(1)

       

      Complete the webhook configuration in Rapid7 Insight IDR

      1. In the Edit Data Exporter page, paste the Webhook URL that you copied previously into the URL field.
      2. Under Headers, add the following:
        • Key: X-RS-TOKEN
        • Value: Paste the Token provided by Radiant Security.Untitled(8)
      3. Click Save.

       

      We value your opinion. Did you find this article helpful? Share your thoughts by clicking here or reach to our Product and Customer Success teams at support@radiantsecurity.ai 

       

      Last updated: 2024-08-23