Try our new research platform with insights from 80,000+ expert users
it_user606432 - PeerSpot reviewer
Works at a insurance company with 501-1,000 employees
Real User
It is stable and scalable. The templates need improvement.
Pros and Cons
  • "It is stable and scalable."
  • "There are not enough templates, and the reporting is weak with this solution."

What needs improvement?

There are not enough templates, and the reporting is weak with this solution. It would be great if there were more templates for the analytical reports, such as patch management reports. At present, these do not exist. 

In addition, there are false positives.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It is quite stable. 

What do I think about the scalability of the solution?

The scalability is good. 

Buyer's Guide
Rapid7 InsightVM
December 2024
Learn what your peers think about Rapid7 InsightVM. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.

How are customer service and support?

The tech support is quite good. 

Which solution did I use previously and why did I switch?

I have previously used Qualys, and I find the Rapid7 is a bit limited in terms of reporting.

How was the initial setup?

The initial setup was easy and straightforward.

What's my experience with pricing, setup cost, and licensing?

The price is cheaper than other products on the market.

Which other solutions did I evaluate?

We looked at Rapid7 vs Tenable Nessus.

What other advice do I have?

Users need to customize the policy compliance in order to optimize usage.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
ITSM & AntiFraud Consultant at a tech company with 51-200 employees
Real User
It scans my production servers, checks their patching levels, and reports on their security. But, the community edition only supports paid domain registrations (so no free emails, such as gmail.com).

What is most valuable?

Rapid 7 offers the community edition, a free of charge edition( 32 IP's) that helps small companies to secure their IT environment. Also with this edition it helps the students to learn about Vulnerability Management.

The report from Nexpose is very big, and gives you a description of the problems you have on your servers, and the solution for remediation.

Other valuable feature is the ability to check the vulnerability with Metasploit with only one click.

How has it helped my organization?

I use Nexpose to scan my production servers, check the patching level on those servers, and use the reports to show the evolution of security on my servers.

What needs improvement?

For the community edition one of the big issues is with the registration. Rapid 7 only supports paid domains for registration, so no .gmail.com , .yahoo.com domains (once it was possible) . Also the resources needed by the scans can be an issue.

For how long have I used the solution?

I used Nexpose for more than 6 years.

What was my experience with deployment of the solution?

Some of issues apear on Linux instalation, but most of the issues are regarding the DB connection. On windows installation, usually the installation is smooth.In my latest test I have used the VM and everything was smooth.

What do I think about the stability of the solution?

The application is very stable, but sometimes I have issues with the comunication to the update server.

What do I think about the scalability of the solution?

I have tried all Nexpose editions, and I didn't had any issues with any of them. Starting this year Rapid 7 offers hardware appliances.

How are customer service and technical support?

Customer Service:

i'll rate is 10/10. I had some presentation with them, and the person who presented us the solution really knew what to say to make us look on his screen.

Technical Support:

I never used technical support from Rapid 7.

Which solution did I use previously and why did I switch?

I have tried Nessus when it was a free edition. After that I have used OpenVAS and Qualys.

Qualys is another good solution.

How was the initial setup?

The initial setup was straightforward, with small user input.

What about the implementation team?

All the Nexpose and Metasploit implemenations were made by me for various clients and for my firm for testing purposes.

What's my experience with pricing, setup cost, and licensing?

When you buy a vulnerability management tool, always count your IP's. If you miss one IP, and that server is compromised, you have left the door open for attackers into your enviorment.

Which other solutions did I evaluate?

OpenVAS, Nessus , Qualys, SAINT8,Beyond Trust

What other advice do I have?

Nexpose is one of the best solution on the market with very good development. One of it's key features was the On-Premise installation and Community Edition. Also it integrates flawless with Metasploit.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are an consulting firm, and I have installed this product to some of our clients.
PeerSpot user
Buyer's Guide
Rapid7 InsightVM
December 2024
Learn what your peers think about Rapid7 InsightVM. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
reviewer1327302 - PeerSpot reviewer
Security Consultant at a tech vendor with 11-50 employees
Real User
Highly flexible, beneficial workflows, and accurate scanning
Pros and Cons
  • "The most valuable features of Rapid7 InsightVM are the accurate level of scanning and the workflows are good."
  • "The on-premise updates could improve from Rapid7 InsightVM."

What is our primary use case?

The main use cases of Rapid7 InsightVM are finding configuration vulnerability checks and patching recommendations. These two are the main use cases that everybody's looking for.

What is most valuable?

The most valuable features of Rapid7 InsightVM are the accurate level of scanning and the workflows are good.

What needs improvement?

The on-premise updates could improve from Rapid7 InsightVM.

For how long have I used the solution?

I have been using Rapid7 InsightVM for approximately three years.

What do I think about the scalability of the solution?

Rapid7 InsightVM is scalable. You could use it for as many assets as you like. It is very scalable and flexible. 

How are customer service and support?

The technical support is good in their knowledge, but they are a little slow.

How was the initial setup?

The initial setup of Rapid7 InsightVM was straightforward.

I would rate the ease of setup of Rapid7 InsightVM a three out of five.

What other advice do I have?

I rate Rapid7 InsightVM an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1674711 - PeerSpot reviewer
Senior Cyber Security Specialist at a tech services company with 1,001-5,000 employees
Real User
It performs well and is stable, but it is difficult to manage
Pros and Cons
  • "The performance is good."
  • "Rapid7 could be easier to manage."

What is our primary use case?

Rapid7 InsightVM, like Tenable, is used to enforce the vulnerability management lifecycle.

We identify the assets, scan them, prioritize them, and have a remediation plan in place to address any vulnerabilities that are discovered.

A remediator scan is performed to determine whether or not the discovered vulnerabilities have been patched.

What is most valuable?

The performance is good.

What needs improvement?

Rapid7 could be easier to manage. When you compare it to other similar solutions, it is a bit difficult to manage.

The reporting could be improved.

For how long have I used the solution?

I have been using Rapid7 InsightVM for two years.

At the time that it was used, I was using the latest version.

What do I think about the stability of the solution?

The installation is simple and quick; it only takes 10 minutes to complete.

Which solution did I use previously and why did I switch?

I have used Tenable SC and Tenable.io, and you cannot compare to Tenable SC or Tenable.io with any other vulnerability solution.

Tenable has that supremacy. It is very easy to manage and very easy to understand. You don't need any prior knowledge or experience to install it; you can do it on your own. You don't need any additional assistance or help through a search on how to install or scan your assets.

Tenable has a very powerful reporting engine but needs to be enhanced.

What other advice do I have?

Tenable is number one, Rapid7 comes second.

I would rate Rapid7 a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Rapid7 InsightVM Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2024
Buyer's Guide
Download our free Rapid7 InsightVM Report and get advice and tips from experienced pros sharing their opinions.