Create a New Rapid7 Nexpose User

Step 1:

  • Log in to your Nexpose instance as an administrator.

  • Select Administration in the left menu.

Step 2:

  • On the Administration page, in the Users section, select Create.

Step 3:

  • On the General tab under the User Configuration page, enter this information:

    • User name: Epiphany

    • Authentication: VM user

    • Full Name: Epiphany Access

    • Email Address: assessment_creds@eip.io

    • Password: create a secure/complex password.

    • Confirm Password: enter the same password as above.

  • Be sure to check the Account Enabled check box.

Step 4:

The roles selected for the Epiphany user provide a scope of read only.

  • On the Roles tab under the User Configuration page, make these settings:

    • Role: Custom

    • Save Role: Check the Save Role check box and then enter EpiphanyRole

  • Global Permissions: Check the Appear on Ticket and Report List checkbox.

  • Site Permissions: Check the View Site Asset Data checkbox.

  • Asset Group Permissions: Check the View Group Asset Data checkbox.

  • Report Permissions: None

  • Vulnerability Exception and Policy Override Permissions: None

  • Vulnerability Investigation Permissions: Check the View Vulnerability Investigations checkbox.

Step 5:

  • On the User Configuration page, on the Site Access tab, select the scope of the site access needed for Epiphany's data collection.

Please contact your Epiphany representative if there are questions about the scope of the current collections to be performed.

  • If all sites are needed, select the Allow this user to access all sites radio button.

  • If only certain sites are needed, select the Create a custom list of sites that this user can access radio button.

  • Select the Select Sites button.

  • In Select Sites, check the checkbox for all sites within the scope of the current Epiphany collection.

  • Select Save.

Step 6:

  • On the User Configuration page, in the Asset Group Access tab, select the scope of the asset group access needed for Epiphany's data collection.

Please contact your Epiphany representative if there are questions about the scope of the current collections to be performed.

  • If all asset groups are needed, select the Allow this user to access all asset groups radio button.

  • If only certain sites are needed, select the Create a custom list of asset groups that this user can access radio button, then select the Select Groups button.

  • In Select Groups, select all asset groups within the scope of the current Epiphany collection. Then select Save.

Step 7:

Be sure to select Save once all fields are properly completed for the new user.

Last updated