Enable the InsightVM API in your console and authenticate using HTTP Basic auth (username/password) against https://{console-host}:3780/api/3/.
Retrieve a paginated list of assets with GET /api/3/assets, using query parameters page, size, and sort; each asset object includes id, hostName, ip, os, and riskScore.
Query vulnerabilities for a specific asset with GET /api/3/assets/{id}/vulnerabilities, which returns lightweight VulnerabilityFinding objects including status, since, and vulnerability ID.
Enrich each finding by fetching full vulnerability metadata (CVEs, CVSS scores, title, description, solutions) with GET /api/3/vulnerabilities/{vulnerabilityId}; cache results to avoid redundant calls.
For bulk exports at scale, use the Bulk Export GraphQL API (available in newer InsightVM versions) to retrieve complete asset and vulnerability data including tags and groups in a single high-performance call.
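The REST flow above (Basic auth, paging through assets, listing findings per asset, enriching with a cache) as an added example; this is not Rapid7's code. The "resources" / "page.totalPages" response envelope, the finding's "id" key and the "cves" / "cvss.v3.score" keys are assumptions about the response shape, and make_get, paged and export_findings are hypothetical helper names.

```python
import base64
import json
import urllib.parse
import urllib.request


def make_get(base_url, username, password):
    """Return get(path, params) that calls the console API with HTTP Basic auth."""
    token = base64.b64encode(f"{username}:{password}".encode()).decode()

    def get(path, params=None):
        url = base_url.rstrip("/") + path
        if params:
            url += "?" + urllib.parse.urlencode(params)
        req = urllib.request.Request(url, headers={
            "Authorization": "Basic " + token, "Accept": "application/json"})
        # Default urlopen keeps TLS certificate verification on.
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    return get


def paged(get, path, size=100):
    """Yield every item of a paginated collection (assumed envelope keys)."""
    page = 0
    while True:
        body = get(path, {"page": page, "size": size})
        yield from body.get("resources", [])
        page += 1
        if page >= body.get("page", {}).get("totalPages", 0):
            return


def export_findings(get, size=100):
    """Join assets, findings and cached vulnerability metadata into flat rows."""
    cache, rows = {}, []
    for asset in paged(get, "/assets", size):
        for finding in paged(get, f"/assets/{asset['id']}/vulnerabilities", size):
            vid = finding["id"]  # assumed key holding the vulnerability ID
            if vid not in cache:  # one metadata call per distinct vulnerability
                cache[vid] = get("/vulnerabilities/" + urllib.parse.quote(vid, safe=""))
            vuln = cache[vid]
            rows.append({
                "assetId": asset["id"], "hostName": asset.get("hostName"),
                "ip": asset.get("ip"), "riskScore": asset.get("riskScore"),
                "vulnerabilityId": vid, "status": finding.get("status"),
                "since": finding.get("since"), "title": vuln.get("title"),
                "cves": vuln.get("cves", []),
                "cvssV3": vuln.get("cvss", {}).get("v3", {}).get("score"),
            })
    return rows
```

Against a console, pass make_get("https://{console-host}:3780/api/3", username, password) as the get argument; any callable with the same signature works, which makes the join easy to exercise with canned responses.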
Known gotchas
The per-asset vulnerability endpoint returns VulnerabilityFinding objects that lack CVE and CVSS data; you must make a second call to the /vulnerabilities/{id} endpoint to enrich each finding — cache aggressively.
The v3 REST API runs on port 3780 of the on-prem console host, not the Insight cloud platform; cloud-hosted InsightVM uses different endpoint patterns — confirm your deployment type.
In September 2025, Rapid7 began optimising the GET /vulnerabilities endpoint for high-volume queries; check release notes for current pagination limits before building production pipelines.