Technology Partners

Jira & InsightVM

Jira & InsightVM Integration Brief

Streamline Vulnerability Remediation Workflows

With Atlassian Jira and Rapid7 InsightVM

Integration Benefits

  • Streamline workflows by utilizing the native ticketing solution leveraged by your IT operations team
  • Automatically generate tickets within Jira after a InsightVM scan is completed
  • Create tickets flexibly, with customization of open tickets by specific severity thresholds, sites, or asset groups
  • Define exactly how much detail your security team wants to present in tickets based on the audience
  • Easily configure integration within the InsightVM user interface

Being proactive about security means more than just conducting frequent security assessments of your enterprise assets. Staying secure is ultimately dependent on proper remediation and risk mitigation. Just one problem: We all know that incorporating the remediation lifecycle into IT teams’ existing workflows can be a steep, uphill battle. Integrating Rapid7 InsightVM* with Atlassian Jira levels the ground by automatically creating tasks when new vulnerabilities are discovered and giving operations managers the ability to assign tickets to the correct remediation teams. By combining InsightVM’s remediation projects with Jira, you now have the ability to report on which tickets have been successfully closed and track the progress of various remediation initiatives—live.

How It Works

InsightVM assesses the risk posture of the systems within your organization, typically through a scan or agent-based assessment. This vulnerability data is then processed for each host within the Insight platform. Next, an InsightVM remediation project defines the scope of what needs to be fixed, by when, and by whom; for example, critical Windows vulnerabilities in your east coast datacenter can be assigned to the specific Windows admin who owns those systems. Jira profiles allow tickets to be automatically created and assigned to the right people based on metadata from assets, vulnerabilities, and owners, so that remediators only get instructions relevant to them; once tickets are closed, the remediation project is updated to show that the vulnerability has been marked fixed, and InsightVM confirms the fix on the next scan. The takeaway here? No more chucking thousand-page reports over the fence and hoping for resolution.

Rapid7 InsightVM Atlassian Jira Integration

Overview of the Integration Process

  • Step 1: Set up a connection between Jira and InsightVM via a wizard in the InsightVM UI, defining roles and responsibilities within the organization as well as the desired level of detail in the tickets.
  • Step 2: Perform a security assessment and get visibility into identified vulnerabilities.
  • Step 3: Create a remediation project with filters for the systems and vulnerabilities that need to be fixed.
  • Step 4: The integration automatically creates and assigns tickets based on the rules established in Step 1.
  • Step 5: Jira updates the remediation project in InsightVM as vulnerabilities are fixed and tickets are closed to display fixes as “awaiting confirmation.”
  • Step 6: InsightVM confirms that the vulnerability is no longer present, thus updating the remediation project’s current progress.

What You Need

  • Rapid7 InsightVM
  • Jira 6.x with valid access privileges

*All mentions of Rapid7 InsightVM associated with its integration with Atlassian Jira also apply to Rapid7 Nexpose.

Free InsightVM Download

Try our top-rated vulnerability assessment tool

All fields are mandatory



Sorry your request cannot be completed at this time. Please reach out to sales at +1-XXX-XXXX or at email@rapid7.com.