InsightVM Events <3 InsightConnect Triggers

The InsightConnect team is stoked to announce the release of a new trigger this morning that enables entirely new use cases for automating vulnerability management with InsightVM!!!

You heard us right. Automation. For. Vulnerability. Management.

Using InsightVM’s experimental API webhook feature, you can now easily run targeted automation workflows triggered by discrete changes observed by InsightVM. Rather than try to churn through massive datasets, this approach uses smaller slices of vulnerability and asset data to launch targeted automation workflows. This can be used to raise awareness around critical vulnerabilities, congratulate remediators for their patching efforts, verify assets in CMDBs or other sources of truth, apply asset tags to newly identified devices, and much more.

The new InsightVM Events trigger includes four different webhook event types:

  1. Asset Found
  2. Asset Deleted
  3. Vulnerabilities Found
  4. Vulnerabilities Remediated

As one might expect, these InsightVM events are triggered when assets and vulnerabilities are newly discovered or removed from InsightVM’s database. The webhooks sent from InsightVM to InsightConnect contain data about the asset (for events 1 and 2) or data about both the asset and the vulnerabilities (for events 3 and 4).

Keep an eye out for some sample workflows using the VM Events trigger coming out from your friends at InsightConnect over the next few weeks! In the meantime, we have added Help Documentation to help you get started building your own workflows. For all our builders out there, please remember you can always share your feedback with us here on the Discuss forum or using the in-product feedback button!

Build On!

11 Likes

We’ve started releasing sample workflows that make use of the InsightVM Events trigger! Check out the use cases below and let us know what you think =)

2 Likes

Two more sample workflows released last night!

  • As promised, Send New Remediated Vulnerabilities Message in Slack
    • We also shipped an update to the Teams version of this workflow so it only posts notifications for vulnerabilities with a CVSS risk score > 4. This makes the workflow significantly less chatty.
  • Alert on New Unknown Assets Discovered by InsightVM with Slack - this workflow checks to see if newly discovered Windows assets are known in Active Directory. If not, it sends a notification in the specified Slack channel. (Teams version coming soon!)