Advanced Vulnerability Management

Course Description

Looking to take your vulnerability management knowledge to the next level? Geared toward security professionals with deeper technical backgrounds, this hands-on training session is perfect for individuals who have been supporting the product for some time, those tasked with supporting 3rd-party product integrations, or customers needing a deeper understanding of data produced in PostgreSQL. This two-day interactive class covers advanced topics for extending and analyzing the wealth of data the product provides.

For flexible and accessible learning, this course is offered both virtually and on-site at your facility. The virtual class is hosted remotely on a Rapid7 lab and features simulated exercises against multiple scenario-driven target environments. Customers who participate in on-site trainings will apply their learned skills in hands-on scenarios in their own environment.

All participants will have access to the Advanced Vulnerability Manager (AVM) Exam as part of their training program; go from being the student to the master and leverage the knowledge gained from class to become certified.

What You'll Learn

SQL Query Reports

  • Introduction to the underlying reporting data model - RDM
  • Learning to create custom queries for export 

Nexpose API: Version 1.1, 1.2 & RestFULv3

  • Familiarizing yourself with automation capabilities using the API
  • Interacting with the API to perform routine tasks 

Scripting with the Ruby Gem

  • Ruby scripting basics
  • Leveraging the Gem to automate routine tasks and extend functionality

Best Practices

  • Learning tips and tricks to tune and optimize to achieve the best performance and results

Advanced Troubleshooting

  • Learning various methods for troubleshooting issues

Day 1

  • Site Strategy Best Practices
  • Asset Group Best Practices
  • RealContext Best Practices
  • Boolean Logic with Dynamic Asset Groups and Asset Tags
  • Tuning the PostgreSQL Database
  • Tuning Scan Templates
  • Advanced Troubleshooting/Diagnostics Intro/Overview to SQL
  • Understanding the Reporting Data Model

Day 2

  • API Architecture and Requirements
  • Performing the following tasks through the API:
    • Authenticate to the API
    • Perform a Site Listing
    • Initiate a Scan on a Site
    • Log out of the API
  • Overview of the Gem and Documentation
  • Object Oriented Programming Overview
  • Anatomy of a Script
  • Ruby Basics


Ideally, attendees should have the following:

  • Completion of Nexpose Certified Administrator or InsightVM Certified Administrator course
  • Basic understanding of Database Management Systems (DBMS)
  • Basic understanding of Structured Query Language (SQL)
  • Basic understanding of programming/scripting logic and concepts
  • Prior experience writing scripts, helpful (preferably Ruby)


Open-enrollment class - $2,000 per student

On-site class - $7,000 per course plus travel & expenses, up to 5 attendees

Applicable CPEs: 16

Training Registration
Advanced Vulnerability Management

Payment will open in a new window.
By submitting your registration, you are agreeing to our terms and conditions and acknowledge that all trainings are non-refundable.
Please note that this transaction may take up to two business days to go through our verification process.