Rapid7 InsightCloudSec Reviews

My main use case for Rapid7 InsightCloudSec is endpoint detections and monitoring, especially with the SIEM. As a MSP, I use Rapid7 InsightCloudSec for endpoint detection and monitoring daily with multiple clients, and the Rapid7 Insight Agent is installed on all the servers and linked with the ticketing system. Once an alert is generated through Rapid7, we receive an alert and investigate through the Rapid7 Insight Agent by using the logs.

The best feature Rapid7 InsightCloudSec offers is the log, which is really quick, and I appreciate the new update with the AI assistance, allowing us to search and create log searches with AI support.

The AI assistance for log search helps me by allowing me to easily search for something from the log, as I used to manually create the log. With the new AI feature, I just type it in and it generates the code, making it easier to get the results.

Rapid7 InsightCloudSec has positively impacted my organization because we are using Microsoft Defender for endpoint protection alongside Rapid7. Rapid7 is quicker than Defender regarding detection speed and logging in, so in comparison, Rapid7 is faster than Microsoft Defender and is lightweight. Since switching to Rapid7 InsightCloudSec, I have noticed it is more time-saving and cost-effective, especially in cases of false positives. From Defender's point of view, we need to log in and check everything, but from Rapid7's perspective, everything is there and with a quick reference, we can identify false positives without digging deeper, saving time and reallocating resources to positive cases.

It is important to note that Rapid7 InsightCloudSec's features are not 100% precise, but I find about 70% of the time it is satisfactory. I would like to suggest that you improve it to be more precise, ideally making it 100% if possible.

Some cases in Rapid7 InsightCloudSec indicate that the log is not enough, as they mostly just generate alerts, and the synchronization between data connectors is often problematic, particularly in terms of not being in sync always, especially between the AD and Rapid7 alerts, which generates numerous false positives. Additionally, the traditional rules should be updated, as this is a main point worth mentioning since we spend a lot of time fine-tuning these traditional rules. I suggest improving the legacy detection rules.

If there are any authentication cases, such as impossible travel activity where a user has their SharePoint hosted in a different location, Rapid7 can often trigger alerts, creating confusion as we cannot fine-tune it properly. Another issue is with honeypot access. We sometimes lack necessary logs because Defender's advanced threat protection scanning gets detected as honeypot activity by Rapid7, leading to annoying and noisy alerts that we need to constantly close.

If you can improve the traditional detection rules to reflect current detection rules, it would make it significantly easier for us to manage, as we constantly need to check legacy rules to update or possibly turn them off. Updating the legacy rules should be a priority.

I have been using Rapid7 InsightCloudSec for almost one year.

Rapid7 InsightCloudSec is stable.

Regarding scalability, Rapid7 InsightCloudSec is very scalable so far.

The customer support provided by Rapid7 InsightCloudSec is pretty good. We receive enough support on time. In more complex cases, it can take time, but overall, I am satisfied with the support.

Positive

We did not use any other solution prior to Rapid7. We started directly with Rapid7 and Microsoft.

In terms of return on investment, I can say that we have seen time saved and money saved. We previously had fewer employees, and with Rapid7, it has been really helpful to manage all workloads effectively.

My experience with pricing, setup costs, and licensing for Rapid7 InsightCloudSec is that it was affordable initially, but now the costs are a bit high. However, in comparison to other tools in the market, I still find it affordable.

Before choosing Rapid7 InsightCloudSec, we evaluated other options, including SentinelOne and other popular solutions.

The first thing we need to do to use Rapid7 InsightCloudSec effectively in our workflow or with our clients is to install the Rapid7 Insight Agent to the endpoints or even the servers. That is a bit challenging because most of the clients are unaware of Rapid7 Insight Agent, and we need to convince them to make it a trustworthy source.

My advice for others looking into using Rapid7 InsightCloudSec is to investigate the features that need to be set up in detail. I rate Rapid7 InsightCloudSec a seven out of ten because of its efficiency, cost-effectiveness, time-saving capabilities, and better monitoring.

Hybrid Cloud

Microsoft Azure

My main use case for Rapid7 InsightCloudSec is log monitoring and vulnerability management for our servers, which are the two main aspects I focus on.

Our applications are hosted on EKS, which send logs to Rapid7 InsightCloudSec, so whatever occurs in our application and whatever logs are coming through, we can see that in Rapid7 InsightCloudSec very quickly. This is one use case where Rapid7 InsightCloudSec helps us significantly, and related to the servers that we have on AWS, we have vulnerability management, so we can see the CVEs of vulnerabilities and we can patch them and fix them immediately. This is how Rapid7 InsightCloudSec helps us.

These are the main aspects of Rapid7 InsightCloudSec that I have used.

Rapid7 InsightCloudSec offers a mix of all these advantages, with speed being a key factor. As soon as I patch my server, it immediately reflects in Rapid7 InsightCloudSec console the vulnerabilities, so it is very quick and easy to see what vulnerabilities are present in my server. Related to log management, we previously used Sumo Logic, but Sumo Logic was somewhat complicated, whereas Rapid7 InsightCloudSec is very simple to search for logs, and it also works very quickly.

Rapid7 InsightCloudSec integrations are also really valuable, so we have Rapid7 InsightCloudSec integrated with our AWS instances and also our Slack channels. If a major vulnerability comes in, we get notified in our Slack, which is a significant advantage.

Rapid7 InsightCloudSec has helped us save thirty percent time in our log retrievals, and it completely changed log searching, making it really fast when we search for logs, with no prior knowledge required. This is a big advantage. Vulnerability management has also led to a fifty percent reduction in cyberattacks in our organization when we use Rapid7 InsightCloudSec.

I have a suggestion for Rapid7 InsightCloudSec; the interface can be more intuitive and faster, with a cleaner dashboard that includes customizable widgets and somewhat streamlined navigation to improve usability. For a first-time user who starts using Rapid7 InsightCloudSec, it is somewhat complicated to navigate through the UI and search for logs or vulnerabilities, so this is one aspect that could be improved.

Rapid7 InsightCloudSec could also be integrated with third-party tools such as GitLab CI/CD pipelines and cloud-native services such as EKS, which would improve its appeal to DevOps and cloud teams. Rapid7 InsightCloudSec already provides us real-time feedback loops, but if it also provides real-time feedback to the developers, then it would help the application shift left, meaning the security will shift left as well.

I have been using Rapid7 InsightCloudSec for the past four years.

I have not faced any limitations with my data volume regarding the stability of Rapid7 InsightCloudSec.

We were previously using Sumo Logic for log management, but for threat assessment, we have always used Rapid7 InsightCloudSec. However, for log management, Sumo Logic required query language and skills, taking up significant time to query as well, which is why Rapid7 InsightCloudSec helps us there.

Based on return on investment metrics, Rapid7 InsightCloudSec has helped us save thirty percent time in log searching and fifty percent time in vulnerabilities. With automated vulnerability detection, Rapid7 InsightCloudSec helps teams reduce the time by thirty to fifty percent, which directly cuts exposure time and lowers risk. By catching issues early, Rapid7 InsightCloudSec helps us prevent costly breaches or regulatory fines; for example, automating patching and misconfiguration audits can save thousands in operational overhead, while pre-built compliance reports and container monitoring eliminate manual audit prep, cutting audit preparation by forty to sixty percent.

Before choosing Rapid7 InsightCloudSec, I evaluated different options, considering many available solutions, with Tenable being one of them due to its strong vulnerability scanning and compliance checks, but its UI is not as intuitive.

Rapid7 InsightCloudSec helps us collaborate in many ways, with the first being the shared dashboard and reporting, as teams can build and share real-time dashboards or schedule reports across security, DevOps, and management. The second is the ticketing and alert integration, where Rapid7 InsightCloudSec integrates with tools such as Jira, ServiceNow, and PagerDuty, enabling automatic creation of tickets. The third is the role-based access, allowing different teams to get tailored access, helping them focus on the data relevant to them while maintaining compliance and accountability.

Rapid7 InsightCloudSec helps with compliance or regulatory requirements in my organization by using tools such as InsightVM to continuously scan my environment for vulnerabilities and misconfiguration, which ensures the assets stay in line with compliant frameworks such as SOC 2 and GDPR. It offers out-of-the-box customizable compliance reports that map directly to regulatory controls, making audits faster and less painful by showing evidence of adherence and required security practices. All the security event scans and remediation actions are logged, creating a detailed audit trail that auditors appreciate and helping to prove due diligence and continuous compliance over time.

Rapid7 InsightCloudSec is a powerful and reliable security platform with strong capabilities in vulnerability management and threat detection. The agent-based scanning, dashboarding, and prioritization engine are very effective, especially in a hybrid cloud environment. There is room for improvement such as UI responsiveness, scan performance at scale, and deeper CI/CD integration, which would enhance the overall offering. I would rate Rapid7 InsightCloudSec as an eight out of ten.

Private Cloud

Amazon Web Services (AWS)

In my role, my main use case for Rapid7 InsightCloudSec is for vulnerability management, where I scan my machines to see zero-day vulnerabilities and receive remediation tactics recommended by Rapid7 after scanning different vulnerabilities, thus providing insights or recommendations on how to tackle them.

Pen testing is another use case where we have assets enrolled with Rapid7 agent. We scan those assets in batches because our company is very large, creating groups based on specific IP addresses and scheduling scans accordingly.

The best features Rapid7 InsightCloudSec offers include the dashboard, which gives me an oversight of everything happening in my environment, from vulnerabilities to risks and asset numbers, all presented in simple terms for visualization and decision-making.

The layout of the dashboard is what I appreciate most because it displays information in an easy-to-understand format and is easy to navigate, providing an overview summary of everything that I need to know without navigating through different tabs.

Regarding the reporting feature of Rapid7 InsightCloudSec, I appreciate that it allows me to manipulate the report to my own specifications, as the reporting structure is very broad and interesting. The features involved in the reporting structure are very good, allowing me to tailor the report to my own requirements easily, even selecting only the columns I want. I can also set automatic alerts and integrations, such as the console we could use to integrate between Rapid7 InsightCloudSec and ManageEngine, although it was still a work in progress requiring some manual handling on our part.

Using Rapid7 InsightCloudSec alongside our ManageEngine patch management module positively impacts my organization by scanning assets deeply and providing all identified vulnerabilities, from zero-day to any vulnerabilities on an asset, addressing those that ManageEngine might not identify.

I would say that because Rapid7 InsightCloudSec does not have automatic patching capabilities, it provides recommendations, but it does not execute anything from within Rapid7 InsightCloudSec. It highlights ways I can use to tackle those vulnerabilities, so we integrate it with ManageEngine, which has a patch management module, and utilize those two systems hand in hand to remediate identified vulnerabilities.

My colleagues have mentioned that having a feature in Rapid7 InsightCloudSec to remediate vulnerabilities scanned from within the console would be helpful. They note that while ManageEngine allows for automatic patching, it would be beneficial for Rapid7 InsightCloudSec to provide a similar feature to make the process more streamlined, rather than having to remediate vulnerabilities manually.

I have been with my current company for the past six months, since May.

Rapid7 InsightCloudSec is very stable, performing well without any issues.

The scalability of Rapid7 InsightCloudSec is excellent; I have not experienced performance issues as I add more assets, and everything operates smoothly within one console.

I have not encountered any significant issues requiring external support for Rapid7 InsightCloudSec, but if such a need arises, I anticipate that contacting them would yield a timely response, as I have engaged with their solution.

Positive

We previously utilized ManageEngine and switched to Rapid7 InsightCloudSec because ManageEngine scans assets but does not deeply scan for vulnerabilities. Rapid7 InsightCloudSec offers concrete vulnerability assessments that ManageEngine lacked and provides multiple options for addressing identified vulnerabilities, unlike ManageEngine which limits decision-making on patch deployments.

I can confirm money and time savings with Rapid7 InsightCloudSec, as we can scan the entire IP range simultaneously instead of manually checking each asset for vulnerabilities, reducing the need for technicians to move around the organization and thus saving significant time.

The pricing, setup cost, and licensing for Rapid7 InsightCloudSec are reasonable, and since our organization is growing, I have observed that the more numbers you have, the less costly the product becomes, as licensing operates on volume. Additionally, setup is easy since everything is on the cloud, requiring only the deployment of the agent on machines from a GPO perspective.

We did not evaluate other options before choosing Rapid7 InsightCloudSec as our research indicated it met our needs, making it the best choice from day one.

I would recommend that others considering Rapid7 InsightCloudSec assess their organizational needs to determine what they want to achieve with it. If they operate in a fast-paced environment with many assets, I definitely recommend Rapid7 InsightCloudSec for streamlining operations and reducing manpower needs. I gave this product a rating of 9 out of 10.

Hybrid Cloud

Other

Rapid7 InsightCloudSec is used for infrastructure threat finding, and based on the reports which include high, low, and medium priority vulnerabilities, it is easy to determine what actions need to be taken to fix and address the environment and infrastructure in the best way.A combination of on-premises, virtual environments, and both Windows and Linux systems are monitored. Public-facing servers are also monitored, and with Rapid7 InsightCloudSec, servers can be easily safeguarded from unauthenticated or unknown users while controlling malicious activities. Vulnerabilities of both Windows and Linux servers along with applications are monitored, which allows for early detection and reports about issues and solutions for vulnerabilities or security threats.I have approximately 15 years of work experience in this field.

Rapid7 InsightCloudSec impacts the organization positively by acting as a shield against hackers and ransomware, providing effective protection to data and infrastructure.

The ability to find threats in advance is the most valuable feature in day-to-day work because it helps keep the environment and customers safe. Customers can be notified in advance since they rely on this managed service, making these features very helpful for company-managed services and customers.Rapid7 InsightCloudSec offers advanced notifications, alerts for unknown anonymous logins, and it advises on vulnerabilities with generated reports.

Improvements could include providing better human-readable report formats with thorough explanations of CVEs and threats, detailing what can be done to eliminate malicious activities.Currently, an agent is used for every new infrastructure deployment. It would be better going forward to have a host-level automatic discovery feature to reduce those dependencies.At present, it is an agent-based solution, and a host-based solution that does not require agent dependencies would make it easier to work with.

Rapid7 InsightCloudSec has been used for the last five-plus years, and it has been a good security tool in both past and current companies.

Rapid7 InsightCloudSec is very stable.

Its scalability is highly relevant and adaptable.

The customer support for Rapid7 InsightCloudSec is good, as very prompt responses are received to queries.On a scale of 1 to 10, the customer support would be rated a 10, as responses are typically received within about half an hour to an hour when creating a ticket.

Positive

Previously, some open-source tools such as OpenVAS were used.

The pricing, setup cost, and licensing for Rapid7 InsightCloudSec would be described as nominal.

No additional implementation team support is needed at this time.

A return on investment has been seen in terms of manpower and money due to its ease of deployment, eliminating the need for multiple people once configuration and installation are standardized, allowing Rapid7 InsightCloudSec to perform its job efficiently.Cost savings have been observed, and when comparing with other customers using different tools, they faced issues with alerts and reports while the environment and customers remain on a safer side with Rapid7 InsightCloudSec.

The pricing, setup cost, and licensing for Rapid7 InsightCloudSec would be described as nominal.

Before choosing Rapid7 InsightCloudSec, other options were evaluated, including OpenVAS.

Rapid7 InsightCloudSec creates a user-friendly environment with limited options, while the reporting is well-structured and allows for accurate decision-making. This review has been given a rating of 9 out of 10.

Hybrid Cloud

Microsoft Azure

Rapid7 InsightCloudSec's main use case for our organization is to maintain our cloud security posture, and we typically depend on a platform named AWS to monitor it and implement all the security features suggested by Rapid7 InsightCloudSec.

Recently, we had a bunch of AWS roles and S3 bucket policies that were overly permissive, which were suggested by Rapid7 InsightCloudSec. After considering their suggestions, we limited the AWS policies and downsized all overly excessive permissions to only what's necessary.

We are also using Rapid7 InsightCloudSec for other use cases, such as managing the whole networking structure of our AWS account, including VPC, subnetting, and ensuring the whole cloud security posture aligns with how it should be.

Rapid7 InsightCloudSec's best features include the immediate suggestions and support provided, as well as real-time visibility across multiple cloud environments, risk-based prioritization, automated cloud compliance, policy enforcement, and best practices for Infrastructure as Code security.

The automated compliance enforcement has helped our team significantly in cloud infrastructure entitlement management and maintaining the whole IAM governance as well as the container and Kubernetes security postures, plus conducting vulnerability assessments and generating comprehensive reports.

One of the best features is the agentless cloud-native vulnerability management plus cloud workload protection, as Rapid7 InsightCloudSec provides native vulnerability scanning for cloud workloads, containers, and VMs without needing an agent, simplifying deployment and reducing overhead.

It has positively impacted our organization by changing the whole efficiency, especially after updating our patching process to meet the CIS benchmark that was previously under-provisioned. This change uplifted our CIS compliance score. After implementing Rapid7 InsightCloudSec, we increased our CIS benchmark score from 48 to around 88 after addressing missing patches on some VM instances, indicating a significant positive impact.

I currently do not have any specific suggestions for improvements, as I am still exploring the full capabilities of Rapid7 InsightCloudSec, but I wish the UI and UX for reporting could be more straightforward, simplifying the process of creating matrices and dashboards.

I have been working in my current field for the past three and a half years.

Rapid7 InsightCloudSec seems very stable, having been deployed in production systems without causing any issues.

Rapid7 InsightCloudSec is scalable, as it effectively monitors resources regardless of how much we scale up.

I interacted with customer support after an endpoint compromise incident, and they responded quickly and provided clear insights that were essential for resolving the situation.

I would rate customer support a nine, as there is always room for improvement, but they have been generally impressive.

Positive

We previously used CyberArk and Sysdig, but we switched to Rapid7 InsightCloudSec for its comprehensive monitoring capabilities across our cloud security, as the previous solutions focused on specific areas and we needed a more general approach.

I advise others considering Rapid7 InsightCloudSec to integrate it into their organization. While there may be upfront costs for setup, it pays off in long-term security benefits and risk reduction from breaches.

Rapid7 has provided us with a good return on investment, helping us plan migrations from outdated virtual machines to up-to-date, secure systems, which has led to savings in infrastructure costs and reduced the need for a large cybersecurity team.

The pricing has been equivalent to the features provided. While it was not overly expensive, I do wish for more discounts for bulk purchases since we have implemented it widely across our cloud security posture. The setup cost was manageable, and the licensing process is seamless.

Before choosing Rapid7 InsightCloudSec, we did not evaluate other options thoroughly. While we had a few POC integrations with Snyk, they were not as effective as Rapid7 InsightCloudSec.

Everything is under control for the cloud security postures at this time. My overall review rating for Rapid7 InsightCloudSec is eight.

Hybrid Cloud

Amazon Web Services (AWS)

Rapid7 InsightCloudSec is used to monitor client cloud environments, identify misconfigurations, and ensure continuous compliance across their cloud resources.For specific monitoring, Rapid7 InsightCloudSec is mainly used to monitor exposed S3 buckets and IAM policy changes, and it alerts when a bucket becomes open to the public or if a risk permission gets added so it can be fixed. It has also been used for monitoring devices and laptops.Rapid7 InsightCloudSec is deployed in the cloud to monitor both public and private cloud environments for clients, so it is not used on-premises.

The automated alerts and clear dashboards make it easy to stay ahead of issues, and Rapid7 InsightCloudSec has been reliable for keeping client cloud setups secure without a lot of manual effort.The best feature in Rapid7 InsightCloudSec is the real-time misconfiguration detection because it immediately flags risk changes in client cloud environments, allowing response before anything escalates.Real-time detection has helped the team react faster and avoid potential security incidents. Instead of finding issues during scheduled checks, alerts are received at the moment something risky happens, which allows problems to be fixed immediately and keeps client environments stable and compliant.Rapid7 InsightCloudSec has helped the organization work more efficiently and proactively, reducing the time and effort spent on manual cloud checks, improving response time to issues, and providing more confidence in the overall security posture managed for clients. It helps streamline workflow and strengthen the quality of service delivered.Since implementing Rapid7 InsightCloudSec, manual cloud security checks have been reduced by around forty to fifty percent, and mean time to resolve misconfigurations has dropped from several hours to under thirty minutes on average, significantly improving efficiency and client confidence.Overall, Rapid7 InsightCloudSec has been a reliable tool for managing cloud security for clients, and while there is room for improvement, its real-time alerts and automated checks make it a valuable part of the workflow.

The platform could be improved with more customizable dashboards and reporting.The rating of eight out of ten was chosen because there is room for improvement in dashboard customization and in-app guidance.

Rapid7 InsightCloudSec has been used for about a year since starting at RDX.

Rapid7 InsightCloudSec works without any stability issues so far.No stability issues have been experienced since using Rapid7 InsightCloudSec with clients.

Teams looking into using Rapid7 InsightCloudSec should take time to set up automated policies for alerts from the start because that is very important. It is worth investigating and learning the dashboard early because once configured, Rapid7 InsightCloudSec saves a lot of time and helps proactively secure cloud environments. The review rating for Rapid7 InsightCloudSec is eight out of ten.

Public Cloud

Amazon Web Services (AWS)

I use Rapid7 InsightCloudSec for application security and vulnerability management. I often use Rapid7 InsightCloudSec technology to scan internal and external facing systems. The enrichment, particularly the vulnerability enrichment, is superior, and the screens and dashboards are excellent.

The fastest scanning is the best feature Rapid7 InsightCloudSec offers. The faster scanning helps me respond to threats quickly in my daily operations. Rapid7's enrichment in terms of vulnerabilities is particularly valuable, as they continue adding new vulnerabilities and capabilities to the system.

The dashboard of Rapid7 InsightCloudSec is very rich and colorful, and I often refer to it for reporting purposes.

Rapid7 InsightCloudSec positively impacts my organization by integrating tightly with my existing vulnerability management process and workflows, particularly in creating a new project and implementing trigger-based scanning.

Time to detect vulnerabilities has improved significantly, which gives me time to mitigate or eliminate them. The vulnerability classification helps me concentrate on which vulnerabilities I need to focus on, rather than dealing with an overwhelming number of vulnerabilities without knowing which ones to address.

Rapid7 InsightCloudSec needs to provide more granular search capabilities, such as the ability to search back the last three months. If the platform were equipped with LLM for summarization and other capabilities, it would be really helpful. Automated pen tests would be a great addition.

Regarding integration support, Rapid7 InsightCloudSec broadly integrates with many security technologies, but enabling EDR support would be beneficial, and support for patch management would also be valuable.

I have been using Rapid7 InsightCloudSec for about four years.

In security, there is nothing called a silver bullet, as every technology is rapidly moving. I give this product a rating of 8 out of 10.

My main use case for Rapid7 InsightCloudSec is for cloud procedure management, real-time compliance monitoring, and identifying misconfigurations across all cloud environments such as AWS, Azure, GCP, and resource visibility as an inventory.

I used Rapid7 InsightCloudSec in my previous company for real-time compliance monitoring and identifying misconfigurations, where we focused on faster, more accurate detection and client solution services.

Since using Rapid7 InsightCloudSec, I have positively impacted my organization by sending alerts.

Those alerts have helped by saving time.

The best features Rapid7 InsightCloudSec offers include more automation remediation, compliance reporting for auditing, improvement on multi-cloud governance, and cost visibility, which really stand out to me.

The automation capabilities in Rapid7 InsightCloudSec boost my workflow, as they involve Jira automation and creating misconfiguration tickets in Jira.

Rapid7 InsightCloudSec provides a faster, more accurate indication and helps to better understand how to reduce noise in the tone policies.

Rapid7 InsightCloudSec can be improved by seeing reductions and improvements in prioritization, tuning findings, suppressing low-value alerts, and better prioritizing the most critical risks.

Needed improvements include adding AI-driven risk prioritization, proactive cloud risk modeling, advanced IAM privilege analysis, identity graph relationship mapping, privilege escalation detection, and automation for privileged remediation.

Additionally, Rapid7 InsightCloudSec needs improvements such as AI-driven risk prioritization, proactive cloud risk modeling, advanced IAM privilege analysis, multi-cloud attack path mapping, pre-built automated hardening, defining stronger policy as code support, better container and serverless coverage, and cost optimization insight along with safe auto-remediation with rollback improvements.

I have been using Rapid7 InsightCloudSec for eight to nine months in my previous company.

Rapid7 InsightCloudSec is deployed in my organization as a public cloud and hybrid cloud.

I am using VMWare Cloud, Azure, GCP, and AWS for my public and hybrid cloud deployment.

I purchased Rapid7 InsightCloudSec through the AWS Marketplace.

I would rate Rapid7 InsightCloudSec an eight out of ten because of its multi-cloud integration, stronger policy as code support, better container serverless coverage, and security plus cost optimization insight.

Hybrid Cloud

Other

We have been using it for almost four years. We are one of the top first customers who implemented it. It's a cloud security solution.

With this tool, we have a neat security posture at least in terms of securing our environment. It helps us handle all the misconfigurations, and we do day-to-day remediations.

ICSE is cheaper compared to other tools and has a pleasant user experience with good support. It has powerful API calls for collecting data from the cloud, which stands out when compared to other solutions.

A couple of modules are missing when compared to other providers, specifically related to some IAM, and the login piece needs improvement.

We have been using it for almost four years.

They have excellent support with internal Slack channels and are directly reachable through Teams. Their assistance is really good for us.

Positive

We did a POC with Prisma Cloud in my previous organization, and that's where it was implemented on a large scale.

The initial setup is easy and not complex. It initially required fine-tuning access and other settings, but it has matured over time.

It was a mix of different teams, including the security team and the cloud team, working together to implement it with around ten people engaged.

Security is one of those things where you cannot always value the return on investment unless there is a breach or some ransomware. However, it provides a good security posture and helps handle misconfigurations and day-to-day remediations.

The pricing is good when compared to other leaders. It is cheaper.

We compare it with Palo Alto Prisma Cloud and something came up recently with Wiz. I don't know if we can compare Wiz with Insight. Wiz is still new.

It depends on the use case. If someone is looking at CSPM within budget, this ICS would be a good choice. If needing more features, then Prisma is good.

I'd rate the solution eight out of ten.

Hybrid Cloud

Other

We initially wanted to implement CSPM a couple of years back. We did the market research, performed analysis, understood the strengths, and so on. Then we implemented this tool within our environment as a part of CSPM.

Agentless scanning is a possible use with Rapid7 InsightCloudSec. You do not deploy the agents within your workload or to the cloud resources, which is an advantage. I also think there's an automation feature available within Rapid7 ICS, which is good.

Overall, Rapid7 ICS is good. There are no major drawbacks. However, there are a lot of other solutions in the market, not only providing the features of a CSPM, but also CNAPP. When it comes to CNAPP, if you have deployed many containerized-based applications within your environment, plus the containers, managing all those things becomes complex. It can't be easy to keep an eye on those resources because sometimes doing so requires an additional agent that one needs to deploy so that they can perform the scans on those workloads. However, there are a lot of tools in the market that provide these scans at the API level. One could connect Rapid7 with an API at the workload or cluster level, and you'll get all that information. However, the challenge is how easily you can implement those things within the environment. Sometimes, you'll encounter some complexity while implementing APIs. Some customers won't be happy getting complex things implemented. At the end of the day, they would prefer that things be simpler. That is something Rapid7 could improve on. Besides, the UI is a bit complex and not user-friendly, but they're working on that.

I have been working with this tool for more than 12 months.

As far as scalability is concerned, since it's a SaaS-based application, you just need to integrate it. Rapid7 only provides a platform, like with AWS, Azure, and G Suite, so you must integrate Rapid7's platform. Most of the resources within it will get replicated or harvested, so there aren't any immediate challenges regarding scalability.

There are a lot of other things to consider, though. When providing deep information about the cloud, the Rapid7 team needs to work on those areas. Let's say you have a Kubernetes cluster. Once you integrate your platform, you must do additional configurations to monitor the Kubernetes cluster deployed on a specific platform, such as AWS or Azure. Those additional configurations are not as straightforward as they would seem. Those are areas that require some modification from the Rapid7 team.

I rate Rapid7 ICS' scalability a six and a half out of ten since I haven't seen any issues with stability. Rapid7 ICS is just a tool that acts as a platform to expand your visibility to the cloud resources. ICS does not explicitly do something from Rapid7's end apart from just performing the scan. It's not a cloud platform like AWS or Azure.

The Rapid7 team has sync-up calls to help users understand the solution. When you have any issues, you can contact the team, who will help you.

Rapid7's deployment was not that complex. There are a lot of requirements, and the requirements vary as time passes. But once you deploy the solution and start using it, you'll discover which features are good and which could be improved. I rate the deployment a three out of five.

Companies generally buy this tool because the pricing is not that high. ICS's pricing is still per the market standard, but there are a lot of other solutions that are more expensive than Rapid7 ICs. Rapid7 ICS is good, considering the number of features they provide.

We need to stand parallel to our competition, meeting the market and user demands. We should ensure the tools we leverage within our environment are up to the market.

Apart from Rapid7 ICS, there are a lot of other tools available in the market which are also agentless. Most other solutions work on the API level, where you use the API to integrate them and perform the scans.

As for privileged access in Rapid7, you sometimes require privileged access to perform automatic remediations, which could be something that most customers are not comfortable with since they would not want someone outside their company to grant privileged access.

Considering Rapid7 ICS' shortcomings, Rapid7 is working on the same. But there are a lot of other competitors in the market providing better features. When it comes to keeping an eye on PII data, which is very sensitive, Rapid7 ICS does not detect if it is in the cloud resources. But other vendors' products could detect that. That feature is based on which one can compare Rapid7 with other tools.

People are still in the phase of developing most of the features. They might have Rapid7's documentation with them, but those require some prerequisites if you want to understand them. If you're a vendor and do not know anything, you must learn some things without directly jumping to the documentation part.

Rapid7 ICS is good, considering the number of features they provide. But that depends on your and the company's requirements. If the company just wants a tool that acts as a CSPM, Rapid7 ICS can be helpful. But if the company wants to not only buy a CSPM tool but wants a CSPM-cum-CNAPP, Rapid7 ICS is lacking in those areas.

There are a lot of pros and cons, but Rapid7 ICS is doing well as of now.

I rate the solution a six out of ten.

Public Cloud