Rapid7 InsightVM Reviews

The product is not a cloud solution. The tool can only be used as a hybrid solution, meaning it can be used on the cloud and on an on-premises deployment model. There are certain limitations because of the product being used on a hybrid model. Rapid7 InsightVM doesn't offer a solution purely in the cloud.

Competitors of Rapid7 InsightVM, like Tenable.io and Qualys, offer pure cloud solutions.

I have been using Rapid7 InsightVM for seven or eight years. My company serves as a distributor of the tool.

Sometimes, there were certain parts and programs of the product about which the customer used to complain.

Stability-wise, I rate the solution a six to seven out of ten.

It is a highly scalable solution. One of my company's customers uses the tool on 1,30,000 devices.

My company deals with clients who own small as well as enterprise-sized businesses.

In the past, the support offered for the product was good. Unfortunately, over a period of time, the support offered has become poor.

I rate the technical support a four to five out of ten.

Neutral

The product's initial setup phase was very easy.

The solution can be deployed in a few hours. The time required depends on the scale of the deployment. If there are 1,000 or 10,000 deployments to be done, then it takes time. If the customer provides a Q&A to calculate the design of the network, then the process becomes easier. If the customer does not know about their network, then the deployment process takes time since our company has to discuss several things with them before starting the process.

The product is cheaper than the other similar tools available in the market.

My company uses Rapid7 InsightVM to identify and assess vulnerabilities.

The product has improved our company's vulnerability remediation process. The tool finds vulnerabilities by scanning devices and networks. The solution is also useful in the area of database scanning.

The product area I find to be valuable in vulnerability management workflow stems from many aspects, like reporting, which is very useful. Rapid7 InsightVM's integration with Jira is also very effective and useful for end users. The coverage of the vulnerability offered by the product is very good. The GUI for Japanese users is good.

The product's integration capabilities have improved my company's security posture, as many other systems can be integrated with it. The export feature of the product helps users deal with other products like ServiceNow or Splunk.

The product is more useful for scanning than for its real-time visibility, but I can say that its functionalities come very close to real-time features. The product scans every six hours.

In large and diverse environments, the performance and the scalability of the product are not bad.

The product is easy to understand, making it good for companies that doesn't have much expertise in the area of security. It is an easy to use product. The product also provides a GUI in Japanese, while taking care of the reporting part efficiently, making it very convenient for the end users in Japan.

I rate the product's capacity to offer ease of use an eight out of ten.

I rate the overall tool a six to seven out of ten.

The core domain use of the solution is verification, scanning, and finding out the vulnerabilities in real time.

The ease of deployment and configuration allows users to onboard quickly, aligning smoothly with various functionalities.

The data sheet is good in pricing and promises. The customers are very price-conscious. You have to satisfy technical requirements. This combo makes the product valuable and usable.

Two things are consistent. The rest of the things run fine. The technical side does not respond quickly. They take a lot of time. The priority should be to respond to the customer to serve the customer.

I have been using Rapid7 InsightVM for more than three years.

The solution’s stability is good. It keeps on running. There are no system complaints.

The solution’s scalability is linked to the new scope and the cost.

We are actively seeking alternatives. If you can offer a better solution, superior after-sales service, and overall better everything, we would like to explore what you have to offer.

The initial setup is not so complex. It is quickly deployable configurable and integrated with your existing setup.

The common process for Rapid7 InsightVM involves comparing it against their standard procedures to ensure compliance with the required licenses and resources. Users download the necessary files and initiate/reactivate licenses. Certain configurations are also set up. This process typically takes two to three days for the department, but we usually allocate a week for completion.

Our team feels enabled enough after completing the training session on Rapid7 InsightVM. We conduct our tests independently, and whenever we need support, we seek assistance directly from Rapid7. This process isn't overly complex or time-consuming. We ensure thorough preparation by gathering all necessary information, addressing internet concerns, and informing the customer. Once fully prepared, we proceed forward.

The solution’s pricing is good because the value proposition delivers a report box. It is not very costly.

Since the product is cloud-based, there's no maintenance. Whatever the information or the customization of the customer needs to be confirmed. The hardware needs maintenance.

Overall, I rate the solution a six out of ten.

We use Rapid7 InsightVM to increase vulnerability scanning, which is why we tried Qualys as well.

This solution's most useful feature is that it is entirely a single-page application.

The UI is both professional and user-friendly.

The drawback is that it is still not a fully SaaS solution, so you have to deploy a console.

I have been working with Rapid7 InsightVM for six weeks.

Rapid7 InsightVM is stable.

Rapid7 InsightVM is a scalable solution.

We have two dedicated technicians to assist us.

We are also testing Qualys. If you look at both options, I believe they are the same. Both are in the top market leader position.

Both tools have the same features. The most essential consideration in choosing one of those two experiences with it and whether it fits inside your business.

I can't decide, we are still in the comparison phases.

It is very easy to set up.

It can be deployed in a matter of weeks.

It is pretty expensive. It depends on what you consider pricey, however, if you only look at vulnerability management solutions, such as within VM or VMDR, there are, I suppose the prices are almost the same. But I believe you will discover that for yourself.

Experiment with it and gain some experience with it.

I would rate Rapid7 InsightVM an eight out of ten.

The primary use case of this solution is for critical business applications for the web. We have also implemented it to identify when we are changing and an older system like the application client-server, the server two, the network equipment like switch routers, and security solutions.

The most valuable feature for us is the different types of reporting it provides. For example, the compliance reporting, compliance with the international standard in which we are certified and compliant. This is important for us to escalate the dashboard to our top management.

We need to scan and identify the different RPGs, the critical ones and the major ones that can generate risk or a measure of risk. We generate the reporting from the system and relay the report to our internal developers. We have our internal developers in the bank.

This solution integrates with another module in Metasploit, that doesn't exist in the other solutions. It is subscribed to on our roadmap, but we chose to implement both Nexppose and AppSpider.

This solution is stable. It's a good solution.

This solution is scalable.

It takes two people to manage this solution and to be the backup for the succession plan. Our manager has access and performs audits.

Technical support is good and responsive.

In this current company, they were using Qualys and I convinced the management to change to Rapid 7.

After every event, we are required to automize with information control tools like Sandbox, IPS, and vulnerability management. All of those security tools need to be implemented and automized.

That is not the case with Rapid 7. It can be automized and we are dependant on ourselves. We can perform in having this solution customized with the confines of our text.

The initial setup was not complex and it was easy to implement.

It took a week to prepare and install the virtual machine, and to implement the solution it took one month.

Our Regulatory requires that all banks must implement all security solutions on-premises, not on the cloud because they are worried that the data will be compromised and available on different data centers around the world.

We had the help of an integrator to implement this solution. There were three engineers to help. One was for Nexpose and two for Appsider.

This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important.

Rapid 7 is a leading solution that has been implemented in many companies.

In Nexpose you have the console and the app assistant for Rapid 7. The design can be implemented in all of the segments of the network to scan, perform the scale of the scan, perform the reporting, generate the reports, and send it to the central console.

I would suggest that customers acquire this solution.

In addition to management, we are subscribed to the security dispense team and the company emergency dispense team. We always receive the bulletins, so we are always aware of the vulnerabilities.

I appreciate this solution. All of the features that are included are enough for me.

This is an excellent solution and I would rate it a ten out of ten.

It's a vulnerability scanning tool utilized within the vulnerability management process. We employ it to conduct internal vulnerability assessments of company or organizational host IPs.

It aids in enhancing the overall security posture within our organization. It uncovered numerous vulnerabilities that had been overlooked, which was quite beneficial.

The most valuable features are its reporting capabilities and the host discovery functionality.

The primary issue I encountered initially with this tool was related to configuration. There is a significant learning curve, that non-technical individuals, especially those not specialized in computer science or the information security industry, might face.

I have been working with it for six months.

I am satisfied with the stability provided.

The initial setup went smoothly, but after completing it, I encountered difficulties when attempting to use features like the dashboard and the scan now option. Specifically, I faced challenges with scanning the host, which proved to be quite frustrating.

The initial setup wasn't overly difficult, so it took me around one to two days due to troubleshooting issues. Overall deployment took about two to three days in total.

I highly recommend Rapid7 as my experience with it is very positive. Overall, I would rate it eight out of ten.

We primarily use the solution for scanning. It will support the agent and collect scanning information on particular hotspots. 

We like that you can create your own inputs using the chat.

The integration capabilities are good.

It has good reporting.

We can create our own templates.

The dashboard is very easy to use for customers. 

The firewall could be better.

We've had struggles with new scanning on Cisco routers. We have to do a lot of troubleshooting. The authentication scan is not working. 

We'd like better risk levels for assets in terms of reporting. 

I've been using the solution since 2019. I've only used it for a few years at this point. 

The solution is quite stable. It's reliable. There are no bugs or glitches. It doesn't crash or freeze. I'd rate the stability eight out of ten. 

The solution is scalable. It offers pretty high scalability. I'd rate it nine out of ten. 

Our clients are medium to large-scale businesses. 

The initial setup is very easy. It is very customizable and easy to understand. 

I'm not sure how long the deployment took. The POC took about 30 days to allow the clients to try it out. We requested a POC to test out some use cases. 

I'm a reseller. 

I'm not sure which version of the solution I'm using. It might be version six or seven. 

I'd recommend the solution to others. 

I would rate the solution eight out of ten. 

There are so many cases for InsightVM. It's used for customers that need the ICS compiler or if they need users to work from home right now. It allows them to manage assets from anywhere. 

Using active scan is good.

If you have a history with the solution, the initial setup is easy.

The solution is stable and reliable.

It's very scalable.

The agent must be covered if the customer wants to do a combined thing. InsightVM cannot do that if they are using an agent. We'd like the agent to cover more compliance issues.

I've been using the solution for three or four years. 

The product is stable. There aren't bugs or glitches. It doesn't crash or freeze. It's reliable and the performance is good.

If you want to scan more than 1,000 assets, then we need to show the requirement first. It will use the server with maximum CPU, and maximum RAM. The scalability is quite higher than on the previous one we used. It keeps getting better.

Typically, the initial setup is easy. If a user has the experience, it is straightforward. However, if we work together with an organization that has never used it before, there's more configuration that needs to be done.

We're working with the latest version of the solution, however, I cannot recall the exact version number.

While our clients are using a hybrid cloud, the customers still need to install on-premise. Your console right now is like a dashboard; it's moved to the cloud.

I'd advise users to try the solution. If they are using InsightVM they will be able to quickly understand what the vulnerabilities are on their assets.

I'd rate the solution eight out of ten.

The main purpose for using Rapid7 InsightVM is vulnerability management and visibility.

The cost is what is most valuable. Compared to the other products on the market, the cost is more palatable. Also the functionality. 

It is a single pane of glass that I can do most things.

I see ongoing progress constantly. There isn't much opportunity to make recommendations for improvement from our end. Technology does what we want it to do.

The only issue I have with their business plan is how they interact with South African enterprises. 

They have one singular distributor that I must work with, and that is where my two points go. 

I can't interact with Rapid7 directly. I must work via the local incumbent, the distributor. And working with this third party can be tiresome at times.

Rapid7 InsightVM doesn't work with us directly. I have to work with a  distributor. If I need quotes or technical support, for example, I have to work with the distributor rather than Rapid7 InsightVM directly.

We are a registered reseller and a trusted partner. However, for us to get any support from them I can't log a call directly with Rapid7 InsightVM. I have to work with the distributor to log the call for me.

I have been working with Rapid7 InsightVM for two to three years.

We are using the latest version.

Rapid7 InsightVM is very stable. I would rate the stability a five out of five.

Rapid7 InsightVM is a scalable product. I would rate the scalability a five out of five.

We have approximately 1, 500 endpoints in our company.

It's not users, but endpoints, because the model is built around the endpoints you want to monitor. We run on around 1,500 endpoints. It is not user-specific.

One person can easily manage this solution, but we have a team of four engineers to manage our environment.

I have not contacted technical support directly.

We also use Tenable Nessus.

I am not involved with the initial setup. I have a support team that is managing that.

We deploy it depending on our client's requirements. We use it as well as our clients.

The deployment was done in-house. We do it ourselves.

We had four, and all four worked on the project. This is not to say that there is just one primary job or four main jobs. Our engineers all work as a team.

I can definitely see a return on investment.

It's good. We get the value from the product.

We purchase annual licenses.

We provide our own support. We have resources that have been certified to work on the product. It is purely the license fee.

In terms of affordability, I would rate it a three out of five.

I believe they see us as resellers because we resell it, but when we use it for professional services, they regard us as partners. They use both terms in the same sentence.

We support it.

I strongly recommend it. It's a good product. 

It's only the backend support that needs to be improved. However, there isn't very much that has room for improvement in the product right now.

They are not flawless. We have had problems here and there, but overall, I would rate Rapid7 InsightVM an eight out of ten.