Rapid7 InsightVM Reviews

We handle a lot of video equipment and Rapid7 InsightVM helps us to scan subnets, around 150,000 of them.

Rapid7 InsightVM is more focused on proactive liability management. However, when there's an incident, our team can handle it, but it's not a top priority for me. I think having another solution, like a response automation tool, would be more helpful. Vulnerability management can't prevent incidents once they're in progress, but it's essential to prevent them before they happen.

The remediation project is pretty effective because it allows us to choose specific assets and set limitations on them for a certain period which allows us to track and follow up on those limitations.

However, when it comes to real-time monitoring and live dashboards, InsightVM doesn't quite fit the bill. It's not a real-time solution and is not instant.

Rapid7 InsightVM, has impressive capabilities, especially when it comes to managing video equipment. However, we've noticed that Rapid7 also offers a cloud solution called CloudSec, and we don't have that. We think it would be better if InsightVM had all the features for both on-premise and cloud management.

I have been using Rapid7 InsightVM for the past 6 years.

I would rate it nine out of ten, especially when it is deployed on Linux Box.

It is very scalable and I would rate it ten out of ten. 

As for deployment time, it varies based on the size of the organization and network sensitivity. For example, in a bank, scans might only happen at specific times, like during the night. Generally, deployment can be quick, but there are many factors to consider. You install the console and the scan engine, and then configure them based on network complexity. Scans themselves take less than 20-30 minutes, but the non-technical aspects, like setting up profiles and firewall rules, can take more time.I would rate it 8 out of 10. 

I would rate it 8 out of 10. 

We have a few primary use cases. The main one is looking at the visibility of devices that are on our network to keep track of things as they come and go, we're looking for known vulnerabilities whether it's the operating system, network devices, mobile devices, and the like. When we find the vulnerabilities we remediate them, so it's also our job to verify that remediations have been successful. In addition, we are now beginning to get involved in setting security baselines and configuring baselines and using InsightVM to audit those configurations.

We're scanning about 6,000 devices. There are about 4,000 users in our environment, they are all IT staff. We also have technical leads from our user services, which is our workstation support, mobile devices, laptops, etc. We've got our infrastructure office which is servers and cloud administration, the IT security group, which is myself, and then our network support team and network administrators as well. It means our IT leadership gets some definite value from the reporting there. The CTO, his assistant, and all the IT managers receive their information from there as well. We have one person working in maintenance, and that's not a full-time position. 

For us there are many integrations with things like the VMware NSX that are great, the reporting is really solid. I like the ability to set goals and SLAs for remediation. When a new vulnerability is found we can have an SLA associated with it automatically based on severity and some of those things. I like the integration with Cisco ISE for identity and doing automated containments and the like. But the biggest thing for me is the quality of the vulnerability scanning itself. The quality of the results and the timeliness, the speed with which they update with new checks for new vulnerabilities. That is the big thing for us.

There are some difficulties with the online reporting and lack of integrations, the information that you can get from the APIs in the software is not the best. There's still some fleshing out of their API that I think could benefit them as well. 

I'd like to see more integrations with ticketing systems. Right now, JIRA and ServiceNow are the only ticketing systems that have integration with Rapid7. Extending that would be big. Some additional integrations with some patch management solutions would be good too. IBM BigFix and SCCM. Microsoft has integrations there. In our situation, we're not using either of those and that feature doesn't really give us a whole lot. If there were to be new integrations added on, both on the patch management and the ITMS side, that would be a big improvement.

Additional features would be the additional integrations for ticketing systems that I mentioned. There are always updates rolling out for new scans and things. 

We've been using the solution for quite a few years. 

I've been impressed with the stability. The only issues that have really come up have been on the cloud reporting aspect. We've had a couple of issues here or there, but their support people were able to get us fixed up in a couple of hours. As far as the on-premises stuff, the only issues we've honestly had with it were problems of our own making. We didn't keep an eye on storage and it filled up but that was a lack of monitoring on our side. Since then it's been rock solid.

I haven't thrown anything at it that it can't handle. The report generation slows down the larger your environment gets, and the greater the number of scans you're trying to integrate into a single report. Even with the increased resources that we gave the server when we did a rebuild hasn't caused any problems. I would anticipate that if you're getting up into the tens of thousands of devices and trying to report across all of those, I could see that grinding to a halt a little bit.

Otherwise, scalability is great. We have more than doubled the number of devices that we're scaling since we did the initial install. We're up to somewhere around 6,000 now and it's chugging right along.

The technical support have been a pleasure to work with. 

The initial setup was pretty straightforward. There were a couple of things with integrating and some areas where it gets a bit more complex, but for the most part, it was very straightforward, especially for how powerful a solution it is. We're running a fairly advanced setup here with multiple scanning engines, scanning pools, and integrations into other systems in our environment and all of that. Defining all of the sites and asset grouping and all of those sorts of things, took some additional time after that. You'd have to do that no matter what. 

We used professional services from Rapid7 to assist with the initial deployment and set up was completed in less than two days. They were great. They took their time and didn't just do the setup, they also included user education and they have continued to reach out since then and make sure we're getting value from the product.  

Our licensing costs are somewhere around $40,000 annually. There are no additional fees. We will probably increase our license count annually as our environment kind of naturally grows. We started out with probably about a third of the network covered and we are up to probably 75, 80% now. We'll get that up to over 99%, I'm sure.

We looked at a few other options: Acunetix was on the list and we looked at Manage Engine, Nessus, Rubric, Alien Vault, Microfocus, ArcSight, FireMon and RedSeal. On the vulnerability management side, we were very, very impressed with Rapid7 and the Insight VMware product. We looked more in-depth at a few of the others but VMware Insight stood out. The ease of use on VMware Insight coming from an organization that doesn't have a large dedicated security team, and being able to split out some of those responsibilities amongst people who may have a strong IT background, but may not have an IT security background really helped us out. It became a no-brainer at that point.

It's important to take the time to have a full understanding of how schemes are scheduled, how sites and asset groups are set up and make sure it's done upfront. It's a big help. If you remove an old site and recreate it with small differences you lose some of the data associated with the old site. Getting the organization sorted from the beginning would be the biggest piece of advice.

It's very important to know what your environment is made up of. People often leave companies without documenting things and there's a lot that not everybody knows about because it was in the back of someone's mind. We now have a great repository of information on what's active on our network, what's installed on it, how all of those systems are interacting, and really having that visibility is great. One of the big lessons we were able to get value from immediately was really just having good visibility of what's in our environment.

It's a very solid product, reporting is great, it's reliable. We have a lot of faith in the results it gives us. At least once a week, I get a notification with some great new features that they've added that I didn't really even know I wanted, but now I have it and can't imagine life without it. 

The product is cloud-based, but with an on-prem portion, but it all auto-updates. The actual scanning engine and all of that is on-prem for us. It's a SaaS solution, it's not one where we are running our own servers. It's provided as a service for us on the cloud. The on-premises stuff that we're running is just virtual machines on our VMware environment.

I would rate this product an eight out of 10. 

We are system integrators. Our clients normally use it to detect vulnerabilities in terms of a lack of patches in certain systems and databases. Its console can be installed on-premise or on the Rapid7 data center.

When you connect any new device to the network, Rapid7 has the ability to detect the new device immediately. It can scan that device to detect if it has any vulnerability. 

It tells you what is vulnerable and what has been misconfigured. It also tells you what is the risk of that misconfiguration or lack of patches and how to resolve the problem.

In terms of improvements, its price could be better. Our main issue with Rapid7 is that it is too expensive. You can only sell it to enterprise accounts. 

In terms of new features, Rapid7 came up with a product called InsightIDR a couple of years ago, which is a good SIEM solution. We expect that Rapid7 will work on some sort of integration between InsightVM and InsightIDR, where vulnerability or anomaly detected by InsightVM can be reported in InsightIDR in some sort of real-time.

Rapid7 doesn't patch. For example, if you have a vulnerability, some products can scan and also do the patching, but Rapid7 does not do the patching. It would be nice if it can also patch.

We have been working with this solution for the last three years or so. 

It has been stable. There is nothing that has caused any major damage to our customers. Normally, what happens is that when something goes wrong, the customer normally blames the tool first before admitting that they touched something or whatever the case may be.

We have a couple of customers with various company sizes, and we haven't had any scalability issues. Rapid7 is pretty much an enterprise solution. We're talking about customers with more than 1500 nodes to scan.

Their technical support is very good.

I don't handle the installation, but it was not difficult to implement. The basic setup took us about four days or so.

Normally, for a product like this, the complexity of implementation is proportional to the size of the infrastructure that is going to be scanned and also how heterogeneous it is. An enterprise product like this is not like using a coffee maker. You need to have some knowledge of where you are installing it. You also need to have some knowledge of the technology that you are going to scan. You can't scan everything in the same way.

Its price is too high. My only concern or issue with Rapid7 is its pricing.

Our clients evaluate Qualys, Tenable, and Rapid7. It doesn't really matter which one you choose. You cannot go wrong with all of these products. They have been very well ranked by Gartner. The main difference is probably the pricing.

I would recommend this solution. I would rate Rapid7 InsightVM an eight out of ten.

The main purpose for using Rapid7 InsightVM is vulnerability management and visibility.

The cost is what is most valuable. Compared to the other products on the market, the cost is more palatable. Also the functionality. 

It is a single pane of glass that I can do most things.

I see ongoing progress constantly. There isn't much opportunity to make recommendations for improvement from our end. Technology does what we want it to do.

The only issue I have with their business plan is how they interact with South African enterprises. 

They have one singular distributor that I must work with, and that is where my two points go. 

I can't interact with Rapid7 directly. I must work via the local incumbent, the distributor. And working with this third party can be tiresome at times.

Rapid7 InsightVM doesn't work with us directly. I have to work with a  distributor. If I need quotes or technical support, for example, I have to work with the distributor rather than Rapid7 InsightVM directly.

We are a registered reseller and a trusted partner. However, for us to get any support from them I can't log a call directly with Rapid7 InsightVM. I have to work with the distributor to log the call for me.

I have been working with Rapid7 InsightVM for two to three years.

We are using the latest version.

Rapid7 InsightVM is very stable. I would rate the stability a five out of five.

Rapid7 InsightVM is a scalable product. I would rate the scalability a five out of five.

We have approximately 1, 500 endpoints in our company.

It's not users, but endpoints, because the model is built around the endpoints you want to monitor. We run on around 1,500 endpoints. It is not user-specific.

One person can easily manage this solution, but we have a team of four engineers to manage our environment.

I have not contacted technical support directly.

We also use Tenable Nessus.

I am not involved with the initial setup. I have a support team that is managing that.

We deploy it depending on our client's requirements. We use it as well as our clients.

The deployment was done in-house. We do it ourselves.

We had four, and all four worked on the project. This is not to say that there is just one primary job or four main jobs. Our engineers all work as a team.

I can definitely see a return on investment.

It's good. We get the value from the product.

We purchase annual licenses.

We provide our own support. We have resources that have been certified to work on the product. It is purely the license fee.

In terms of affordability, I would rate it a three out of five.

I believe they see us as resellers because we resell it, but when we use it for professional services, they regard us as partners. They use both terms in the same sentence.

We support it.

I strongly recommend it. It's a good product. 

It's only the backend support that needs to be improved. However, there isn't very much that has room for improvement in the product right now.

They are not flawless. We have had problems here and there, but overall, I would rate Rapid7 InsightVM an eight out of ten.

We use the solution mainly for servers and vulnerability management.

The solution's user interface is good and has some vulnerability prioritization. Rapid7 InsightVM has good integrations with ServiceNow and its own remediation project creation options.

Rapid7 InsightVM is not PCI certified, which didn't help us in the London office because of the Cyber Essentials Plus certification, which is mandatory there. We had to outsource the vulnerability management for the London office.

One of the most important things for a vulnerability management tool is the identification of vulnerabilities. When it comes to Rapid7 InsightVM, the vulnerabilities are not updated within its database. This is one of the major things that should be changed in Rapid7 when it comes to customer reliability. If the database is not updated, it could jeopardize the customer's servers and data.

The solution's support staff does not reply on time, which should be improved. Rapid7 InsightVM should improve its threat intelligence.

I have been using Rapid7 InsightVM for the last few years.

The solution's initial setup is good.

Overall, I rate the solution a six out of ten.

With InsightVM, I continuously monitor my network by setting up regular scans to identify vulnerabilities in real-time. It IS particularly useful for focusing on customer-facing systems at our perimeter, helping me prioritize and quickly address any security risks.

InsightVM offers a robust platform for identifying, prioritizing, and addressing vulnerabilities across an organization's IT infrastructure.

One area I would like to improve in InsightVM is its integration with other solutions, particularly for better compatibility with upcoming tools we plan to adopt. Enhanced functionality for budget management or change management databases could also be beneficial.

I have been working with InsightVM for over two years.

I would rate the stability of the solution as a nine out of ten.

InsightVM's scalability is top-notch and I would rate it a solid nine out of ten. Being a cloud-based solution, it effortlessly adjusts to accommodate varying needs and can easily scale from small to large environments.

Rapid7's technical support is highly responsive and helpful. I would rate them as a nine out of ten.

Positive

I chose Rapid7 over Tenable Nessus because of its better performance, comprehensive functionality, and stronger support for operating systems and services. While Tenable Nessus may be cheaper, it lacks integration with other features and is more suited for SMBs rather than enterprises.

Implementing InsightVM was straightforward. Setting it up to scan external networks at the perimeter was effortless; I just needed to create a cloud account and start using the solution. For internal network scanning, I installed the software on my notebook, which took about five to ten minutes for a single version setup, but it is important to note that it doesn't support Windows platforms.

InsightVM's pricing can vary depending on the coverage needed. While it may not be the cheapest option, purchasing an unlimited license could be cost-effective for larger environments. For smaller needs, it might be more expensive compared to competitors. I would rate the affordability of the product at a four out of ten.

I prioritize vulnerabilities in InsightVM by first focusing on customer-facing systems at our perimeter, which helps me quickly identify and address any security risks. Then, I utilize the cloud-based engine to scan internal networks and ensure comprehensive coverage without the need for complex on-premise solutions, making it easy to manage from my notebook connected to the internet.

Additionally, in InsightVM, we prioritize vulnerabilities by utilizing comprehensive data sources like the NVD and Rapid7's specialized risk calculation methods. The solution provides detailed information, including exploitability and impact, and evaluates whether vulnerabilities could be exploited in specific environments like NetApp.

I would recommend InsightVM to others. Overall, I would rate the product as an eight out of ten.

We primarily use it for inventory and vulnerability management in our environment. We also use it to identify real risks and focus on container email scanning.

The most valuable feature for me is the risk calculation based on monthly effects. It's interactive, and the risk calculation depends on various factors such as quantity, hardware, and package used.

The team needs to improve the speed and focus on the new bandwidth feed. Sometimes, it takes a while to scan, especially with new updates. So, they should update the database quickly for the scanning to work more efficiently. Additionally, they should add pack management solutions for better integration with products like Microsoft FC and IBM Bigfoot.

They need to add more features or focus on work screening, and adding pack management solutions would be great. Moreover, there is room for improvement in technical support.

I've been using it for about three years now.

It is a stable product, and I would give it a seven.

It is a scalable product. Currently, there are around 1,000 users in my company using Rapid7 InsightVM.

Customer service and support are usually responsive, but there is room for improvement in their response time. The quality of support is good.

The initial setup is simple.

Along with Rapid7 InsightVM, we use Metasploit for already scanning. We also use it for website vulnerability scanning. For vulnerability scanning, we also use solutions from Tenable Network Security. Tenable is better because of its more frequent updates. However, it may depend on the industry and the use case. For now, Nessus is better for vulnerability scanning because of its ability to quickly and accurately detect vulnerabilities. However, Rapid7's team should work on improving the capacity of InsightVM to do the same.

Overall, I would rate the solution an eight out of ten.

The core domain use of the solution is verification, scanning, and finding out the vulnerabilities in real time.

The ease of deployment and configuration allows users to onboard quickly, aligning smoothly with various functionalities.

The data sheet is good in pricing and promises. The customers are very price-conscious. You have to satisfy technical requirements. This combo makes the product valuable and usable.

Two things are consistent. The rest of the things run fine. The technical side does not respond quickly. They take a lot of time. The priority should be to respond to the customer to serve the customer.

I have been using Rapid7 InsightVM for more than three years.

The solution’s stability is good. It keeps on running. There are no system complaints.

The solution’s scalability is linked to the new scope and the cost.

We are actively seeking alternatives. If you can offer a better solution, superior after-sales service, and overall better everything, we would like to explore what you have to offer.

The initial setup is not so complex. It is quickly deployable configurable and integrated with your existing setup.

The common process for Rapid7 InsightVM involves comparing it against their standard procedures to ensure compliance with the required licenses and resources. Users download the necessary files and initiate/reactivate licenses. Certain configurations are also set up. This process typically takes two to three days for the department, but we usually allocate a week for completion.

Our team feels enabled enough after completing the training session on Rapid7 InsightVM. We conduct our tests independently, and whenever we need support, we seek assistance directly from Rapid7. This process isn't overly complex or time-consuming. We ensure thorough preparation by gathering all necessary information, addressing internet concerns, and informing the customer. Once fully prepared, we proceed forward.

The solution’s pricing is good because the value proposition delivers a report box. It is not very costly.

Since the product is cloud-based, there's no maintenance. Whatever the information or the customization of the customer needs to be confirmed. The hardware needs maintenance.

Overall, I rate the solution a six out of ten.