Rapid7 Metasploit Reviews

Organizations find Rapid7 Metasploit valuable for identifying system vulnerabilities, enhancing security measures efficiently. Time savings, especially in website or VIPD testing, often translate to cost benefits. For newcomers to vulnerability assessments, returns show up swiftly. However, entities already familiar with other tools like Qualys or Nessus see moderate returns.

Enterprise users highlight that Rapid7 Metasploit offers both a free and a Pro version with pricing perceived as reasonable and competitive, especially compared to alternatives like Tenable.io. While some users find it expensive and choose the open-source version, others value its affordable Pro licensing structure. The Pro version involves a one-time purchase cost and an annual support fee. Overall, Metasploit provides cost-effective solutions for penetration testing needs, with varied opinions on its pricing and additional costs.

• "The cost is approximately $15 per device."
• "I have used the free version of Rapid7 Metasploit."
• "Rapid7 Metasploit is an open-source solution."

Organizations primarily use Rapid7 Metasploit for penetration testing, vulnerability assessment, and identifying exploitable weaknesses in internal systems. They also utilize it for scanning and automation, testing of web servers, phishing detection, and network penetration activities. Some companies incorporate it into their security and vulnerability management services. Metasploit is often employed with tools like Rapid7 InsightVM and is integrated with information assets to enhance security efforts. Additionally, it aids in creating and testing exploits and malicious documents.

Rapid7 Metasploit's customer and technical support receive mixed feedback. While some appreciate the helpfulness and responsiveness, others mention sluggish and delayed responses. The free version lacks dedicated support, but the community offers substantial resources. Some users find online resources valuable, although direct contact can be less predictable. Comparatively, support isn't as prompt as Cisco. Global support struggles with non-security queries, with some considering Tenable superior. Many users do not engage with support, having no issues needing resolution.

Initial setup of Rapid7 Metasploit is generally straightforward, often completed within minutes to a few hours, depending on environment size. Users with technical backgrounds find it easy, while those without may encounter challenges. Uninstalling antivirus and disabling firewalls might be necessary but not recommended. Users note it requires minimal maintenance post-deployment. Ratings vary, with ease ranging from six to ten out of ten. Quick deployment and installation are frequently highlighted.

Some find Rapid7 Metasploit scalability to be adequate for their needs, particularly in small teams or specific projects, while others suggest improvements due to limited automation. Several perceive it as scalable, giving it high ratings, yet there's a common view that automation limits inhibit extensive scaling. Many use it within professional services teams, asserting it meets their current requirements, although discussions around potential enhancements for larger environments exist.

Users express satisfaction with Rapid7 Metasploit's stability. Many noted improvements in the latest version, with stability rated mostly between eight and nine out of ten. Most users have not experienced any crashes or bugs, though some mention network issues can affect performance. Earlier versions had stability concerns, but the newest has resolved most. Technical issues are rarely encountered, confirming consistent reliability.