
SecretServer & InsightVM Integration Brief

Secure Credentialed Scanning

With Thycotic SecretServer and Rapid7 InsightVM or Nexpose

Integration Benefits

  • Prevent credential-based attacks without compromising risk visibility
  • Improve operational efficiency through automated importation of credentials
  • Minimize false positives and increase accuracy by using trusted credentials

Abuse of privileged accounts through compromised credentials is proving to be an increasingly popular tactic for hackers and malicious insiders. When it comes to vulnerability scanning, credentialed scans are more effective because they have a greater reach into an organization’s network.

Integrating Rapid7’s leading vulnerability management solution, InsightVM, or our top-rated on-premise solution, Nexpose, with Thycotic’s SecretServer helps enhance your team’s ability to perform these scans. SecretServer is designed to randomize the passwords for accounts on target systems on a regular, recurring basis and to store them. The passwords are stored and managed by the vault and can be retrieved via a SOAP web service, which allows them to be securely shared with other technologies. This integration minimizes the exposure of your critical credentials to possible attackers while allowing your security team to perform critical security assessments.

How It Works

Thycotic’s SecretServer will store and randomize the passwords regularly. As they are needed for a vulnerability scan, the randomized passwords can then be applied to the relevant assets to allow InsightVM* to run a credentialed scan.

Through this integration, joint Rapid7 and Thycotic customers are now able to maximize their efficiency and reduce their risk exposure by utilizing randomized passwords when running credentialed vulnerability scans.


Overview of Integration Process

  • Step 1: Create privileged account stores in SecretServer
  • Step 2: Create site(s) in InsightVM (or Nexpose) with assets
  • Step 3: Install Thycotic’s Password Java SDK
  • Step 4: Configure the solution

Once the script is deployed, InsightVM will automatically pull the relevant credentials from SecretServer, allowing users to perform scans with an increased level of password security.

What You Need

  • Rapid7 InsightVM or Rapid7 Nexpose
  • Thycotic SecretServer

Figure 1: SecretServer securely stores your passwords for use in InsightVM or Nexpose

*All mentions of Rapid7 InsightVM associated with the Thycotic SecretServer also apply to Rapid7 Nexpose.

Need help with an integration?

Please contact Rapid7 for support or assistance at +1.866.380.8113, or view all of our support options.
