Rapid7 InsightVM Reviews

There are so many cases for InsightVM. It's used for customers that need the ICS compiler or if they need users to work from home right now. It allows them to manage assets from anywhere. 

Using active scan is good.

If you have a history with the solution, the initial setup is easy.

The solution is stable and reliable.

It's very scalable.

The agent must be covered if the customer wants to do a combined thing. InsightVM cannot do that if they are using an agent. We'd like the agent to cover more compliance issues.

I've been using the solution for three or four years. 

The product is stable. There aren't bugs or glitches. It doesn't crash or freeze. It's reliable and the performance is good.

If you want to scan more than 1,000 assets, then we need to show the requirement first. It will use the server with maximum CPU, and maximum RAM. The scalability is quite higher than on the previous one we used. It keeps getting better.

Typically, the initial setup is easy. If a user has the experience, it is straightforward. However, if we work together with an organization that has never used it before, there's more configuration that needs to be done.

We're working with the latest version of the solution, however, I cannot recall the exact version number.

While our clients are using a hybrid cloud, the customers still need to install on-premise. Your console right now is like a dashboard; it's moved to the cloud.

I'd advise users to try the solution. If they are using InsightVM they will be able to quickly understand what the vulnerabilities are on their assets.

I'd rate the solution eight out of ten.

It's a vulnerability scanning tool utilized within the vulnerability management process. We employ it to conduct internal vulnerability assessments of company or organizational host IPs.

It aids in enhancing the overall security posture within our organization. It uncovered numerous vulnerabilities that had been overlooked, which was quite beneficial.

The most valuable features are its reporting capabilities and the host discovery functionality.

The primary issue I encountered initially with this tool was related to configuration. There is a significant learning curve, that non-technical individuals, especially those not specialized in computer science or the information security industry, might face.

I have been working with it for six months.

I am satisfied with the stability provided.

The initial setup went smoothly, but after completing it, I encountered difficulties when attempting to use features like the dashboard and the scan now option. Specifically, I faced challenges with scanning the host, which proved to be quite frustrating.

The initial setup wasn't overly difficult, so it took me around one to two days due to troubleshooting issues. Overall deployment took about two to three days in total.

I highly recommend Rapid7 as my experience with it is very positive. Overall, I would rate it eight out of ten.

We primarily use the solution for scanning. It will support the agent and collect scanning information on particular hotspots. 

We like that you can create your own inputs using the chat.

The integration capabilities are good.

It has good reporting.

We can create our own templates.

The dashboard is very easy to use for customers. 

The firewall could be better.

We've had struggles with new scanning on Cisco routers. We have to do a lot of troubleshooting. The authentication scan is not working. 

We'd like better risk levels for assets in terms of reporting. 

I've been using the solution since 2019. I've only used it for a few years at this point. 

The solution is quite stable. It's reliable. There are no bugs or glitches. It doesn't crash or freeze. I'd rate the stability eight out of ten. 

The solution is scalable. It offers pretty high scalability. I'd rate it nine out of ten. 

Our clients are medium to large-scale businesses. 

The initial setup is very easy. It is very customizable and easy to understand. 

I'm not sure how long the deployment took. The POC took about 30 days to allow the clients to try it out. We requested a POC to test out some use cases. 

I'm a reseller. 

I'm not sure which version of the solution I'm using. It might be version six or seven. 

I'd recommend the solution to others. 

I would rate the solution eight out of ten. 

The solution is primarily used for vulnerability management, specifically vulnerability scanning of the endpoint devices.

The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature.

We found that after you passed an endpoint, it didn't always reflect it in the next scan. I'm not sure if it was a glitch or some issue with the product's software. That was never clear. That was always an issue and something that definitely needed improvement.

We've used the solution for four years.

I didn't notice anything in terms of stability issues. There was always data in it, so I didn't, face any problems. We just had an issue once where we would scan and then we would patch and occasionally it wasn't reflected on the next scan that that patch was there. That was the biggest issue we faced. Other than that, it was reliable. We didn't really have glitchiness or bugs. It wasn't crashing or freezing on us.

I probably don't have an opinion on the scalability. It seemed to function, however, beyond that I'm not sure. As an end-user, I just would log in and run reports. I wasn't in charge of expanding the solution. I used it in a pretty non-technical way.

There were only ever about 10 to 15 users on the solution at any given time.

I never actually got in touch with technical support. I wouldn't be able to speak t their level of service.

The company did not use a different solution before using this product.

I never set up the software myself. I was always just an end-user. I can't speak to if the solution was straightforward or complex.

I have not idea how long deployment took. I'm not sure if it was a long process or not.

Maintenance was handled by our security division. I don't know if there was one person or there were multiple admins that handled that aspect of the solution.

It's my understanding that the solution was set up in-house and an integrator or reseller was not used.

I'm not sure what the solution would cost on a monthly or yearly basis.

I'm not sure if the company evaluated other options or not. I wasn't part of that process.

The company I'm working with now is looking at evaluating Tenable.io.

The company I worked for was just a customer and I was just an end-user. There was no business relationship between the two companies that I was aware of.

The company is considering moving from on-premises to the cloud.

I am unsure of which version of the solution is being used currently. I'm no longer at the company where I used the product.

While the solution worked well, I have never compared other solutions, so I don't know if it's best in class or not.

I'd rate the solution six out of ten.

We use Rapid7 InsightVM to increase vulnerability scanning, which is why we tried Qualys as well.

This solution's most useful feature is that it is entirely a single-page application.

The UI is both professional and user-friendly.

The drawback is that it is still not a fully SaaS solution, so you have to deploy a console.

I have been working with Rapid7 InsightVM for six weeks.

Rapid7 InsightVM is stable.

Rapid7 InsightVM is a scalable solution.

We have two dedicated technicians to assist us.

We are also testing Qualys. If you look at both options, I believe they are the same. Both are in the top market leader position.

Both tools have the same features. The most essential consideration in choosing one of those two experiences with it and whether it fits inside your business.

I can't decide, we are still in the comparison phases.

It is very easy to set up.

It can be deployed in a matter of weeks.

It is pretty expensive. It depends on what you consider pricey, however, if you only look at vulnerability management solutions, such as within VM or VMDR, there are, I suppose the prices are almost the same. But I believe you will discover that for yourself.

Experiment with it and gain some experience with it.

I would rate Rapid7 InsightVM an eight out of ten.

I use InsightVM for vulnerability scanning, to follow up that patching is done properly, and to control operational teams and ensure they're doing their job.

InsightVM lets me scan our environments and ensure that our operational teams are on top of patching.

InsightVM's best features are the vulnerability database and remediation steps.

InsightVM is getting a little stale and is in danger of falling behind its competitors. It's also becoming more complicated, and I prefer it to be kept simple. Its cloud coverage could also be stepped up.

I've been using InsightVM for ten years.

Insight VM is very stable.

There used to be some problems with scaling InsightVM, but those limitations have been removed in newer versions.

Rapid7's technical support is brilliant, responsive, and professional.

Positive

The initial setup was very easy and took a day to complete. I would rate the setup process five out of five.

We used an in-house team.

Having a vulnerability scanner has saved us from cyber attacks a number of times, so we've gotten good ROI from Insight VM. I'd rate our ROI as five out of five.

InsightVM is an expensive product, especially compared to its competitors, at around a million NOK per year. Support is included in the license for no extra cost. I would rate their pricing at one out of five.

InsightVM has integration with Kubernetes, which no other solution has. I would give Insight VM a rating of eight out of ten.

We are using the solution for configuration review and vulnerability management.

I am using the latest version.

We have fewer false positives.

We feel the interface is very good. It is very easy to use, even a nontechnical person can use it.

The reporting has room for improvement. You cannot customize any report. If I need a specific requirement, I have to create a new report for it. I cannot pull up two or three things in one report.

Three years.

It is stable. For the last three years, we haven't faced any bugs.

It's very easily scalable. You just have to renew your license, and the scalability is already done.

Currently, we have three people who are use the solution. We manage this solution for the whole organization.

The technical support is very helpful, but too slow. Overall, it usually takes 24 hours for them to reply, but the support that they provide is good.

It's very straightforward. The deployment took less than an hour.

We implemented it on our own.

The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization.

We have 600 to 700 licenses.

We tested two to three solutions where we had a couple of false positives. 

Rapid7 InsightVM has very low false positives, so you don't have to go in manually and verify them. This solution is efficient.

I would recommend the product. The product is very good.

I would rate the product between a nine and a nine point five (out of 10).

We primarily use the solution for vulnerability management and monitoring the progress of the remediation process.

The remediation feature has been quite useful. 

It's easy to set up the solution. 

It's stable.

The solution scales well.

The solution isn't missing any features, and I haven't noticed any shortcomings. 

There was functionality present previously, however, currently, we can't integrate directly with Jira Service Desk - only the cloud version. That, or we must share to the internet on-prem Jira Service Desk. It's not easy for us since we use only the on-prem Service Desk service, and we don't straight to the internet for our service.

InsightVM can only directly connect to the internet. So, we can't use this integration and send tasks to our technical team from InsightVM. We, therefore, need better integration with Jira Service Desk. 

The stability has been good overall. I would rate it five out of five in terms of reliability. The performance is good. There are no bugs or glitches, and it doesn't crash or freeze. 

The solution is suitable for big or small organizations. We have clients of different sizes using the product. 

It's used at the engineering level, with security and administrators using it regularly.

I'd rate it five out of five in terms of the ease of scaling. 

The solution is straightforward to set up. I'd rate it four out of five in terms of ease of implementation. 

We have one or two team members that can set up the solution. 

How long it takes to deploy depends on the customer. For a small customer, it's less than one month or sometimes two weeks. For a big customer with many assets and services, it takes two or three months to deploy.

We only need to have one or two people on hand to handle maintenance tasks. 

The solution is not overly expensive.

We use this solution for our clients.

We're dealing with the latest version of the product.

InsightVM is a solution based on on-prem infrastructure connected to the cloud service, so it's a hybrid solution.

Overall, it's a nice tool. 

I'd rate the solution nine out of ten.