Integrate Rapid7 InsightVM with Claude, Cursor, Chatbots & AI Agents MCP Server

Q: Is the scanning triggered individually per asset?

By default, the triggerscan mechanism relies on referencing a defined siteid, scanning the preconfigured scope attached to it rather than blindly scanning one unassociated IP.

Equip your AI to interact directly with Rapid7 InsightVM, extracting vulnerability assessments, scanning network assets, and launching immediate scans.

GDPR Free for Subscribers

Compatible with every major AI agent and IDE

Claude

ChatGPT

Cursor

Gemini

Windsurf

VS Code

JetBrains

Vercel

+ other MCP clients

get

Get asset on Rapid7 InsightVM

Retrieves detailed information for a specific asset

get

Get asset vulnerabilities on Rapid7 InsightVM

Lists all vulnerabilities found on a specific asset

get

Get scan on Rapid7 InsightVM

Retrieves execution status and results for a specific scan

get

Get site on Rapid7 InsightVM

Retrieves details for a specific network site

get

Get vulnerability on Rapid7 InsightVM

Retrieves details for a specific vulnerability ID

list

List assets on Rapid7 InsightVM

Lists all discovered computing assets

list

List scans on Rapid7 InsightVM

Lists chronological assessment scans

list

List sites on Rapid7 InsightVM

Lists all configured network scan sites

list

List vulnerabilities on Rapid7 InsightVM

Lists global vulnerability definitions

trigger

Trigger scan on Rapid7 InsightVM

Forces an immediate vulnerability scan for a site

Security & Code Integrity Audit

Every tool in the Rapid7 InsightVM MCP Server is continuously audited by the Vinkius Security Engine. We guarantee zero-trust payload isolation, strict data boundaries, and deterministic execution for enterprise-grade AI agents.

A+Score: 98.33

How Vinkius protects your data

Can I set different limits for each virtual assistant on my team?

Absolutely. You have full control in our command center. You can create an AI agent that only "reads" data so the support team can answer questions, and another superpowered agent that can "edit" and "create" information exclusively for your operations team. Each AI gets exactly the level of access you allow.

What happens if the underlying API rate limits my agent?

Our edge infrastructure automatically handles backoffs, queueing, and throttling. If an AI agent sends too many erratic requests, Vinkius manages the rate limits gracefully, ensuring your backend doesn't crash.

What if the AI ends up reading customer data or confidential information?

We have a built-in digital "bodyguard" called DLP (Data Loss Prevention). If a tool fetches data and the response contains social security numbers, credit cards, or personal customer info, Vinkius magically blocks and erases that information before it is delivered to the AI. The AI works only with what is strictly necessary, and your sensitive data never leaks.

Is the scanning triggered individually per asset?

By default, the trigger_scan mechanism relies on referencing a defined site_id, scanning the preconfigured scope attached to it rather than blindly scanning one unassociated IP.

Triggering Rapid7 InsightVM via Natural Language

Add the Rapid7 InsightVM tool to your AI Agents. The toolkit allows Claude and ChatGPT to securely fetch and update targeted data.

Connecting cybersecurity with Cursor

Use the Rapid7 InsightVM MCP to manage cybersecurity requests. Models like Claude Code utilize this connection to perform reliable fort knox updates.

Next-Gen threat remediation Automation

Connect Rapid7 InsightVM to provide your chatbots with threat remediation capabilities. The integration manages the backend execution for fort knox workflows.