Can I tag vulnerabilities in some way?

We track our vulnerability issues in JIRA outside of Rapid7. I would like to “tag” vulnerabilities so that I know which ones I have already created JIRA issues for outside of the Rapid7 console. Does anyone know of a way to do this?

1 Like

The concept of tags only applies to assets within InsightVM currently.

I have been asking for a way to tag vulnerabilities as well.
I would like to tag them as patch or config, OS/Database/Middleware/App
This would help categorize and prioritize remediation projects and reports.

1 Like

This functionality would be so helpful for us. Unfortunately I also didnt find any solution yet…

This functionality would be HUGELY helpful for us! Our current method involves complex queries, requiring painful manual updates across dozens of IVM dashboards.

We are exploring ways to externally automate this process. But to be honest, I am losing confidence in Rapid7’s commitment to IVM/Nexpose. We are starting to ask if we need to consider replacement solutions for vulnerability management.


I can 100% underline this statement.
It would be great if you can share your workaround process (if you finally found one)

1 Like

I put in a ticket on this issue and Rapid7 said this functionality is currently not supported though they do have a ticket for it.
If you want this functionality I suggest putting in a ticket with Rapid7 as well. Squeky wheel…

I was not able to find a workaround but if anyone else does excited to hear what you did.

1 Like

My CSM mentioned at one point in time that it depends on how many requests are submitted in order for it to get more visibility/ priority to the product team.

1 Like