Rapid7Quick Start Guide

Exposure Command brings together several Rapid7 capabilities, including Attack Surface Management (Surface Command), External Attack Surface Management (EASM), Cloud Security (InsightCloudSec), Vulnerability Management (InsightVM), Automation (InsightConnect), and the Command Platform. This Quick Start Guide outlines what to expect during, and how to approach, each phase of the Exposure Command deployment process.

Phase 1: Prepare for deployment

To ensure you can get up and running with Exposure Command as quickly as possible, it’s important to understand your new product and the necessary deployment tasks as well as to create a plan for deployment.

Several Rapid7 capabilities are packaged with Exposure Command:

If you already have a Command Platform account (formerly known as the Command Platform (Insight Platform)) from a trial or existing subscription to another Rapid7 solution, you’re all set! Use your existing email address to log in to https://insight.rapid7.com/login.

The Rapid7 Command Platform is your base within the ecosystem of Rapid7 cloud products and services. It provides a centralized location for administrative functions and makes navigating the Insight product suite simple. To log in to the platform, you need a Rapid7 Command Platform account.

To create an account:

  1. Check your corporate email inbox for an email from the Rapid7 Command Platform team.
  2. Visit insight.rapid7.com/login.
  3. Select Haven’t activated your account?.
  4. Enter your corporate email address to receive an activation email with next steps. If you do not receive an activation email, reach out to your Customer Adoption Manager (CAM) or Customer Success Advisor (CSA).
  5. Refer to the activation email and follow the instructions to create and activate your Command Platform account

Phase 2: Get up and running

After you have familiarized yourself the components of Exposure Command and you’ve logged in to the Command Platform to confirm your account is set up properly, you’re ready to get everything up and running!

To start managing your attack surface with Exposure Command, you’ll need to set up Attack Surface Management (Surface Command). Follow Get started with Attack Surface Management (Surface Command) and then return to the Exposure Command Quick Start Guide.

To start seeing your on-prem data and detailed vulnerabilities integrated with Exposure Command, you’ll need to set up InsightVM. Follow the Quick Start Guide and then return to the Exposure Command Quick Start Guide

To start building automated workflows to handle security operations tasks, you’ll need to set up Automation (InsightConnect). Follow the Quick Start Guide and then return to the Exposure Command Quick Start Guide.

To start seeing your cloud data integrated with Exposure Command, you’ll need to set upCloud Security (InsightCloudSec). Follow the Getting Started Overview and then return to the Exposure Command Quick Start Guide.

Phase 3: Validate configuration and connect with Rapid7

With Exposure Command fully deployed and configured, you can now start evaluating your Security Program holistically.

Support

If you run into any problems with Attack Surface Management (Surface Command), search the documentation for solutions or contact Rapid7 Support through the customer portal.

Rapid7 Academy

The Rapid7 Academy holds training, webcasts, workshops, and more, all led by our Rapid7 experts.

  • On-demand training helps you get started with Rapid7 products, answer frequently-asked questions, and recommend best practices.
  • Rapid7 Webcasts are hosted by Rapid7’s teams and provide a forum where customers can learn about best practices as well as what’s new in their Rapid7 products.
  • Virtual Instructor-Led Training Courses are live training sessions broken down by product and available for enrollment.
  • Certification Exams are product-specific exams to help you demonstrate your knowledge of using Rapid7’s solutions as a cybersecurity professional.
  • Product Workshops are Rapid7’s free trainings on all things, all products, and average about an hour long

Communications

To make sure you receive the Rapid7 communications that best suit your needs, set your communication preferences.

  • Whether it’s an emergent cybersecurity threat, a product update, or a notice of service degradation for maintenance, we’ll alert you with an in-product message to ensure you’re aware of all that affects your environment.
  • Rapid7’s research provides information on a variety of topics, such as, cloud misconfigurations, vulnerability management, detection and response, application security, and more.
  • Rapid7’s blog offers conversational guidance and information from our security experts.

Communities

Rapid7 supports a range of open-source projects. Consider joining one of our Open-Source communities!

  • AttackerKB captures, highlights, and expands on security researcher knowledge to shed light on the specific conditions and characteristics that make a vulnerability exploitable and useful to attackers.
  • Velociraptor provides you with the ability to more effectively respond to a wide range of digital forensic and cyber incident response investigations and data breaches.
  • Metasploit empowers and arms defenders to stay one step ahead of the game by verifying vulnerabilities, managing security assessments, and improving security awareness.
  • Recog is a framework for identifying products, services, operating systems, and hardware by matching fingerprints against data returned from various network probes.
  • Our customer advocacy program, Rapid7 Voice, provides you with a network of customers, offers the chance to deepen your security expertise, and provides the opportunity to share input on future product developments.