Rapid7 InsightVM Reviews

We use it for vulnerability scanning.

The feature that I have found most valuable is its dashboards.

There is room for improvement on its cloud side.

In the next release I would like to see better reporting.

I have been using Rapid7 InsightVM for seven years.

It is stable.

Rapid7 InsightVM is scalable.

In my company, it is just my team of less than five people using it.

It requires one engineer for deployment and maintenance of the solution.

We do not have plans to increase the usage of the solution in the future.

Their customer support is really bad. On a scale of 1 to 10 I would probably give it a 1.

The initial cloud setup was difficult. It took months even though we worked with their professional services.

We used a consultant to implement.

We had a good return, but it could be better.

We pay 100,000 yearly.

We are thinking about changing right now. We have always used Rapid7, but we are thinking about changing now.

My advice to anyone considering Rapid7 InsightVM is to look at the other vendors first.

On a scale of one to ten, I would give Rapid7 InsightVM a 3.

The primary use is to protect against cybersecurity attacks in your digital infrastructure. One example of such an attack is credential-grabbing.

We have put in some requests for enhancements and they are listening quite well. When there is something that we want to have enhanced then we can easily chat with the people at Rapid7. If it makes sense and another customer thinks that it makes sense then it will be built into the next release.

We are very satisfied with the reports, as they provide us with the information that is required for our management. You can perform the queries that you need.

There have been instances where technical support takes a long time to update the status of a ticket, which is something that can be improved.

I have been using this product for about two and a half years.

The stability is okay.

In terms of scalability, this product is awesome. We have more than 5,000 users and we plan to increase our usage in the future.

The technical support is very nice. They are good and they listen to the customers, which is very important in my opinion.

There is always a demand for technical support to be faster. That said, I think it is much more important to have quality and communication. If I am going to be updated during the course of the case that is running, then that is okay with me. Also, as long as the quality stays in the system and they keep on improving, I am satisfied.

We switched to Rapid7 because we were not satisfied with our previous solution. It was not up to par in terms of our needs and standards.

The initial setup is very straightforward and not complex at all. Our deployment took about three months.

This is mostly a cloud-based solution that works with the assistance of agents and collectors.

We implemented and deployed this product on our own.

The licensing is asset-based and very straightforward.

Overall, this is a product that I am very satisfied with.

I would rate this solution an eight out of ten.

InsightVM is good. It's easy to use. It's fast, it's a powerful, easy to access tool.

I have had some difficult problems with InsightVM. The InsightVM cannot scan if we connect to our customer by the VPN. I asked the Rapid7 support, they told me that the InsightVM can only work on the same network. We cannot use InsightVM by VPN. It also consumes a lot of memory. It would be good if they could resolve that.

We worked with Rapid7 InsightVM for one year.

It is very stable, but it consumes a lot of memory.

Scalability is good on the same network but not if you have to connect to another network.

I think the support is okay. They responded very quickly, and it was sufficient.

InsightVM is Window-based. It is easy to install and easy to use.

It took us about half a day to set up. When we bought from the distributor in Thailand, the distributor sent an engineer to install and explain how to use it and how to customize the report.

My team uses a small tool such as Tenable Nessus and Rapid7 InsightVM, but when we use both tools and compared the report, Tenable Nessus is very easy to consolidate, to expand to our customer, but InsightVM is very difficult. We would have to cancel it to explain the daily part to our customers.

I would recommend having the distributor help you to explain how this software works and to help with the details. I would rate it at an eight out of ten.

We use Rapid7 for our vulnerability assessment. It scans the network, identifies all of the assets that are present, and then identifies all of the vulnerabilities due to non-patching those systems. Based on that, we can generate reports and make sure that those applications or servers are patched on both the operating system and application level.

The most valuable feature is the site scanning, where we can provide a complete subnet and what it is we need to scan on those devices. It will extract all of the information, including the rating and vulnerabilities, in all of the applications that are present, on each of those machines. This is quite relevant because if you have many applications on one server then you don't know if they are individually patched, or not.

The dashboard is not difficult to manage.

The reporting is a little bit tricky because it can be difficult to exactly pinpoint some of the assets to filter them and generate a report. Improving the filtering capability would make the reporting easier.

We would like to have penetration testing features built into Nexpose, as it is the next area that we are going to be concentrating on. We have not yet tried it, but it is on our roadmap.

We have been using this solution for one year.

We have not had any issues with stability. For what we are using it for, it is okay, and we use it on a weekly basis.

We have five people who are working with Nexpose and we have not yet needed to scale.

We have been in touch with support on one or two occasions but I was not the person who dealt with them.

The initial setup is not complex. As soon as you deploy, you start by opening all of the needed communication tools on all of the target systems. In our situation, we deployed gradually as opposed to doing everyone at the same time.

We have five people who have access to this solution and can maintain it. They do not work on it full-time but can do site scanning and generate reports when needed.

A third-party was brought in to implement this solution. However, I have done some of the upgrades and I would say that it is straightforward enough that it is not necessary to bring in anybody else.

My advice for anybody who is implementing this solution is to begin by clearly identifying infrastructure and the most critical assets. This tool will give you good visibility into the network and the assets, but it is only the starting point. It is really the input for the process that you have in place to follow up and patch the assets. Simply knowing that they are vulnerable is not good enough, so the right process has to be put into place before it will work effectively.

I would rate this solution an eight out of ten.

We use InsightVM for capacity forecasting.

I've been working around, I don't know, it's about three years.

I rate Rapid7 nine out of 10 for stability.

I rate Rapid7 nine out of 10 for scalability.

I rate Rapid7 support nine out of 10.

Positive

I rate InsightVM eight out of 10 for ease of setup. It takes two or three engineers to deploy. The solution requires some maintenance. It's mainly cleaning up data. 

I rate Rapid7 InsightVM 10 out of 10.

We're mainly using this solution in-house for now and our primary use case is for Red Teaming. I'm a security engineer and we are resellers of Rapid7. 

The discovery and prioritization of vulnerabilities is a good feature along with the investigation, the trials function. It's also user friendly. 

The solution is not multitenancy and it would be great if they could add some of that to the platform. 

The solution is stable. 

It's scaled to the cloud so scalability is not an issue and it's pretty flexible. 

I haven't used tech support. I've done all my troubleshooting online, it offers thorough explanations.

The initial setup is definitely straightforward.

There is an annual license fee which is pretty expensive because it's price per aspect. The pricing could definitely be cheaper.

If your company has the budget for this product, I would recommend it. 

I rate the solution seven out of 10. 

It is basically used for scanning.

When it comes to the automation, we use the plug-ins that are compatible with the dimensions. Once the builder is done, we run the test cases. Then it is installed onto the server and we run the test cases on the server after the installation.

It gives false positives at times, and this a problem. It causes problems with reporting. 

In addition, I did not find plug-ins for a Rapid7 InsightVM. It would be much more informational to run it through directly, so once the app is installed, once the software is installed on that particular server, it would find what exactly that application is open for. This would make things easier for us.

It is scalable. It definitely handles everything we need, without a problem.

I have not interacted with tech support.

I previously used Tenable Nessus and Nessus Scan. Insight VM vs Tenable Nessus is a more user-friendly product.

The setup was straightforward, and not complex.

I was not involved with the purchase of the product. This is dealt with by our sales team.

Rapid7 InsightVM, like Tenable, is used to enforce the vulnerability management lifecycle.

We identify the assets, scan them, prioritize them, and have a remediation plan in place to address any vulnerabilities that are discovered.

A remediator scan is performed to determine whether or not the discovered vulnerabilities have been patched.

The performance is good.

Rapid7 could be easier to manage. When you compare it to other similar solutions, it is a bit difficult to manage.

The reporting could be improved.

I have been using Rapid7 InsightVM for two years.

At the time that it was used, I was using the latest version.

The installation is simple and quick; it only takes 10 minutes to complete.

I have used Tenable SC and Tenable.io, and you cannot compare to Tenable SC or Tenable.io with any other vulnerability solution.

Tenable has that supremacy. It is very easy to manage and very easy to understand. You don't need any prior knowledge or experience to install it; you can do it on your own. You don't need any additional assistance or help through a search on how to install or scan your assets.

Tenable has a very powerful reporting engine but needs to be enhanced.

Tenable is number one, Rapid7 comes second.

I would rate Rapid7 a six out of ten.