Rapid7 InsightVM Reviews

There are not enough templates, and the reporting is weak with this solution. It would be great if there were more templates for the analytical reports, such as patch management reports. At present, these do not exist. 

In addition, there are false positives.

It is quite stable. 

The scalability is good. 

The tech support is quite good. 

I have previously used Qualys, and I find the Rapid7 is a bit limited in terms of reporting.

The initial setup was easy and straightforward.

The price is cheaper than other products on the market.

We looked at Rapid7 vs Tenable Nessus.

Users need to customize the policy compliance in order to optimize usage.

Rapid 7 offers the community edition, a free of charge edition( 32 IP's) that helps small companies to secure their IT environment. Also with this edition it helps the students to learn about Vulnerability Management.

The report from Nexpose is very big, and gives you a description of the problems you have on your servers, and the solution for remediation.

Other valuable feature is the ability to check the vulnerability with Metasploit with only one click.

I use Nexpose to scan my production servers, check the patching level on those servers, and use the reports to show the evolution of security on my servers.

For the community edition one of the big issues is with the registration. Rapid 7 only supports paid domains for registration, so no .gmail.com , .yahoo.com domains (once it was possible) . Also the resources needed by the scans can be an issue.

I used Nexpose for more than 6 years.

Some of issues apear on Linux instalation, but most of the issues are regarding the DB connection. On windows installation, usually the installation is smooth.In my latest test I have used the VM and everything was smooth.

The application is very stable, but sometimes I have issues with the comunication to the update server.

I have tried all Nexpose editions, and I didn't had any issues with any of them. Starting this year Rapid 7 offers hardware appliances.

i'll rate is 10/10. I had some presentation with them, and the person who presented us the solution really knew what to say to make us look on his screen.

I never used technical support from Rapid 7.

I have tried Nessus when it was a free edition. After that I have used OpenVAS and Qualys.

Qualys is another good solution.

The initial setup was straightforward, with small user input.

All the Nexpose and Metasploit implemenations were made by me for various clients and for my firm for testing purposes.

When you buy a vulnerability management tool, always count your IP's. If you miss one IP, and that server is compromised, you have left the door open for attackers into your enviorment.

OpenVAS, Nessus , Qualys, SAINT8,Beyond Trust

Nexpose is one of the best solution on the market with very good development. One of it's key features was the On-Premise installation and Community Edition. Also it integrates flawless with Metasploit.

The main use cases of Rapid7 InsightVM are finding configuration vulnerability checks and patching recommendations. These two are the main use cases that everybody's looking for.

The most valuable features of Rapid7 InsightVM are the accurate level of scanning and the workflows are good.

The on-premise updates could improve from Rapid7 InsightVM.

I have been using Rapid7 InsightVM for approximately three years.

Rapid7 InsightVM is scalable. You could use it for as many assets as you like. It is very scalable and flexible. 

The technical support is good in their knowledge, but they are a little slow.

The initial setup of Rapid7 InsightVM was straightforward.

I would rate the ease of setup of Rapid7 InsightVM a three out of five.

I rate Rapid7 InsightVM an eight out of ten.