Rapid7 InsightVM Reviews

Name: Rapid7 InsightVM
Brand: Rapid7
Rating: 4.0 (61 reviews)

Vendor: Rapid7

4.0 out of 5

61 reviews
88% willing to recommend

1,878 followers

Start review

What is Rapid7 InsightVM?

Rapid7 InsightVM is a comprehensive vulnerability management platform that protects your systems from attackers and is easy to scale. The solution provides easy access to vulnerability management, application security, detection and response, external threat intelligence, orchestration and automation, and more. Rapid7 InsightVM is ideal for security, IT, and DevOps teams, helping them reduce risk by enabling them to detect and respond to attacks quickly.

Get the Rapid7 InsightVM Buyer's Guide and find out what your peers are saying about Rapid7 InsightVM, Qualys VMDR, Tenable Security Center and more!

Rapid7 InsightVM is the #4 ranked solution in top Risk-Based Vulnerability Management solutions. PeerSpot users give Rapid7 InsightVM an average rating of 8.0 out of 10. Rapid7 InsightVM is most commonly compared to Qualys VMDR: Rapid7 InsightVM vs Qualys VMDR. Rapid7 InsightVM is popular among the midsize enterprise segment, accounting for 52% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a educational organization, accounting for 43% of all views.

Helped 839,422 peers since 2012

Featured Rapid7 InsightVM reviews

Mahmoud Elhamaymy

Professional services team lead at a tech services company with 1,001-5,000 employees

InsightVM has a very organized GUI with ease of use. The vulnerability scans are reliable, and the credential scan is a beneficial feature. The solution is efficient and trustworthy. It's based on the CVSS risk scoring system, which is well-recognized and effective. The integration capabilities through APIs allow easy integration with existing security infrastructure.

Read full review

Christian Kyony

Senior Security Engineer at DRS

The remediation project is pretty effective because it allows us to choose specific assets and set limitations on them for a certain period which allows us to track and follow up on those limitations. However, when it comes to real-time monitoring and live dashboards, InsightVM doesn't quite fit the bill. It's not a real-time solution and is not instant.

Read full review

Shakeel Ahmad

Sr Cyber Security Consultant at Google

The solution cannot scan third-party tools that have firewalls within them. The firewalls detect and block the solution. Conversely, Nexus is able to bypass firewalls because it has low detectability. We use Nexus when the solution cannot bypass a firewall. The solution can scan 60% of the time but Nexus can scan 90% of the time. The solution needs to improve its vulnerability design to include CVC results. Nexus has a good, long range and a good database for finding CVC numbers. We need this level of security detail but the solution does not seem to provide it.

Read full review

Rapid7 InsightVM mindshare

As of March 2025, the mindshare of Rapid7 InsightVM in the Risk-Based Vulnerability Management category stands at 14.2%, up from 14.0% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Risk-Based Vulnerability Management

PeerAnalyst reports based on Rapid7 InsightVM reviews

Type	Title	Date
Category	Risk-Based Vulnerability Management	Mar 4, 2025	Download
Product	Reviews, tips, and advice from real users	Mar 4, 2025	Download
Comparison	Rapid7 InsightVM vs Tenable Security Center	Mar 4, 2025	Download
Comparison	Rapid7 InsightVM vs Qualys VMDR	Mar 4, 2025	Download
Comparison	Rapid7 InsightVM vs Tenable Vulnerability Management	Mar 4, 2025	Download

Title	Rating	Mindshare	Recommending
Qualys VMDR	4.1	17.9%	94%	92 interviews Add to research
Tenable Security Center	4.1	15.2%	96%	53 interviews Add to research

Valuable Features

Rapid7 InsightVM offers features like customizable dashboards, robust scanning with few false positives, integration with tools like Jira and Cisco ISE, detailed reporting, and risk scoring. It excels in identifying vulnerabilities and misconfigurations, is easy to deploy and manage, supports automation, and provides reliable intelligence for remediation. Its interface is user-friendly, and integrations with SIEM and antivirus are seamless. It enables management of vulnerabilities across IT infrastructure efficiently.

"InsightVM has a very organized GUI with ease of use."
"InsightVM has a very organized GUI with ease of use."
"The stability of Rapid7 InsightVM is excellent."

Room for Improvement

Rapid7 InsightVM has several areas needing improvement, including better reporting and filtering capabilities, enhancing integration with ticketing and patch management systems, and expanding the template library. There are issues with false positives, limited API functionality, and difficulties with ad-hoc scans. Users report challenges with VPN connectivity, memory consumption, and demand for increased cloud functionality. Simplifying management, introducing penetration testing features, and improving the technical support response are also highlighted as potential enhancements.

"The product's documentation could be enhanced with clearer and more detailed instructions."
"The product's documentation could be enhanced with clearer and more detailed instructions."
"Rapid7 InsightVM is expensive, possibly one of the highest in pricing among similar products."

ROI

Users report positive outcomes with Rapid7 InsightVM, noting it helped avert cyber attacks and provided good value. ROI is rated highly by some, though a few find it difficult to quantify. The tool proves essential for management by highlighting issues and supporting cost savings. It aids in monitoring and updates, contributing to a robust cybersecurity stance. Many appreciate the investment's value, highlighting its role in preventing high risks associated with vulnerabilities like ransomware.

Pricing

Rapid7 InsightVM pricing is often considered expensive, with costs tied to the number of IPs or assets scanned. Annual licenses range from $40,000 to $100,000, varying by asset usage and coverage. While some users find the pricing competitive, others deem it too high compared to competitors. Discounts and flexible options are available for different needs, and support is typically included. Overall, the solution offers value despite its higher price point in the market.

"The tool's price is neither too high nor too low. My company needs to pay 65,000 per year. There are no additional costs apart from the licensing fees attached to the solution."
"The product is cheaper than the other similar tools available in the market."
"It is less expensive compared to other competitors."

Popular Use Cases

Organizations use Rapid7 InsightVM for vulnerability management, including scanning networks, identifying, and remediating vulnerabilities in systems and applications. It supports configuration review, detects missing patches, offers dashboards for management oversight, and integrates with SIEM. Many implement it for both on-premises and cloud environments. InsightVM's reporting capabilities assist in prioritizing security risks and ensuring compliance with internal and external security standards, allowing effective management of digital infrastructure threats.

Service and Support

Customer service for Rapid7 InsightVM receives mixed feedback. Ratings range from high praise to criticism, highlighting response time as a key issue due to time zone differences. Technical support is generally positive, described as responsive, knowledgeable, and helpful, though some mention slow response times. Interactions vary, with some relying on dedicated technicians or alternative resources. Overall, there's an appreciation for support quality, but room for improvement, particularly in response speed and communication.

Deployment

Rapid7 InsightVM's initial setup is generally straightforward and easy to implement, with many users finding it quick and simple. Variations in deployment time depend on network complexity and organizational size. The process may involve configuring communication tools and integrating with existing systems. Most users manage setup with a small team, while some experience complexity depending on network design and cloud or on-premise deployment. Onboarding and training can facilitate the setup process efficiently.

Scalability

Rapid7 InsightVM is highly scalable, suitable for various business sizes. Users described its ability to handle different environments efficiently, from small to extensive networks. Its flexibility allows seamless expansion either on-premise or cloud-based. Challenges may arise with report generation in massive deployments, but the overall capability remains effective. Users appreciate its adaptability and satisfactory performance across thousands of devices and users, maintaining efficiency even with increasing demands. Scalability is frequently rated highly by users.

Stability

Many users find Rapid7 InsightVM to be very stable, with frequent mentions of its reliability and minimal issues. Some note occasional problems, such as communication to update servers or resource consumption, but these are generally resolved quickly. The platform does not frequently experience bugs or crashes, and it's highly rated for its performance. Many rate its stability highly, often an eight to ten out of ten, appreciating its consistent operation and reliability.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Rapid7 InsightVM Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Educational Organization

43%

Computer Software Company

Financial Services Firm

Manufacturing Company

Government

Healthcare Company

Retailer

University

Insurance Company

Comms Service Provider

Energy/Utilities Company

Hospitality Company

Real Estate/Law Firm

Non Profit

Construction Company

Legal Firm

Wholesaler/Distributor

Outsourcing Company

Media Company

Performing Arts

Logistics Company

Recreational Facilities/Services Company

Transportation Company

Compare Rapid7 InsightVM with alternative products

Learn more about Rapid7 InsightVM

Rapid7 InsightVM Features

Rapid7 InsightVM has many valuable key features. Some of the most useful ones include:

Automated containment: With this feature, you can decrease exposure from vulnerabilities by automatically implementing temporary (or permanent) compensating controls via your network access control (NAC) systems, firewalls, and endpoint detection and response tools.

Policy assessment: Rapid7 InsightVM offers pre-built scan templates for common compliance requirements. The solution helps you take clear, actionable steps to compliance once you have assessed your risk posture. In addition, Rapid7 InsightVM’s Custom Policy Builder allows you to modify existing benchmarks or create new policies from scratch.

REST API: Rapid7 InsightVM REST API is easy to use and was built to easily automate virtually any aspect of vulnerability management, from data collection to risk analysis.

Live dashboards: Rapid7 InsightVM includes dashboards that are live and interactive by nature. The live dashboards enable you to create custom cards and full dashboards for anyone in your organization and allow you to track progress of your security program.

Automation-assisted patching: Rapid7 InsightVM’s automation-assisted patching gives you the autonomy to make key decisions in your patching process, such as your approval to apply certain patches to certain vulnerabilities.

Real risk prioritization: Rapid7 InsightVM makes it simple to know which vulnerabilities need to be prioritized and where your riskiest assets lie.

Goals and SLA’s: This feature enables you to make and track progress toward your goals and service level agreements (SLAs) at an appropriate pace.

Rapid7 InsightVM Benefits

There are many benefits to implementing Rapid7 InsightVM. Some of the biggest advantages the solution offers include:

Attack surface monitoring for maintained visibility: By leveraging attack surface monitoring with Project Sonar (a Rapid7 research project that regularly scans the internet to gain insights into global exposure to common vulnerabilities), you can gain more control of all of your external-facing assets, both known and unknown.

Container security: Rapid7 InsightVM integrates with your CI/CD tools, public container repositories, and private repositories to assess container images for vulnerabilities during the build process even before they are deployed.

Lightweight endpoint agent: Rapid7 InsightVM unifies data so you only need to install a single agent for continuous vulnerability assessment, incident detection, and log data collection.

Easily assign and track remediation duties: Using Rapid7 InsightVM, IT and security teams can assign as well as track remediation duties without having to deal with remediation reports, complex spreadsheets, or back-and-forth email tags.

Integration with cloud services and virtual infrastructure: Rapid7 InsightVM provides full visibility into risk across your physical, virtual, and cloud infrastructure.

Integrated threat feeds: Rapid7 InsightVM is designed with integrated threat feeds, giving you a dynamic view that shows you which threats are most relevant to your environment, enabling you to better protect against current, impending threats so you can react quickly to critical vulnerabilities.

Reviews from Real Users

Below are some reviews and helpful feedback written by PeerSpot users currently using the Rapid7 InsightVM solution.

An owner at a tech services company says, "I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps."

PeerSpot user Kimeang S., Technical Consultant at Yip Intsoi, mentions, "The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at."

A Director of Information Technology at a government explains, "The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."

Rapid7 InsightVM was previously known as InsightVM, NeXpose.