Unlock Broader Detections & Forensics with Velociraptor in Rapid7 XDR | Rapid7 Blog

– Shanna Battaglia
With this in mind, we’re excited to announce the integration of [Velociraptor](https://www.rapid7.com/products/velociraptor/), Rapid7’s leading open-source DFIR framework, into the Insight Platform for InsightIDR Ultimate users — all with no additional deployment or configurations required.

Key benefits of Velociraptor in InsightIDR:

- [Hunt](https://docs.velociraptor.app/docs/gui/hunting/) for threats and vulnerabilities on single endpoints or across the entire fleet conveniently within InsightIDR, enabling faster identification and remediation.
- Monitor for threat activity [as it occurs on the endpoint](https://docs.velociraptor.app/docs/client_monitoring/), and forward matching events to InsightIDR for in-depth investigations into potential threats.
- Efficiently analyze all of your Velociraptor data inside of InsightIDR with the flexibility of custom [Notebooks](https://docs.velociraptor.app/docs/vql/notebooks/) (used to track and post-process hunts or collaborate on an investigation) or the visual navigation of the [Virtual File System](https://docs.velociraptor.app/docs/gui/vfs/) (a server-side cache of the files on the endpoint).

From here, Jo starts a [KAPE triage collection](https://docs.velociraptor.app/artifact_references/pages/windows.kapefiles.targets/) on this endpoint.
Link: https://www.rapid7.com/blog/post/2023/09/29/unlock-broader-detections-forensics-with-velociraptor-in-rapid7-xdr/

