Rapid7 InsightVM Reviews

We use the solution to scan our internal OS and applications. 

The solution protects us from vulnerabilities. If it sees anything, it can tell us about the vulnerability and ranks it as critical or high risk. It allows us to take action immediately to protect our company from attacks.

The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at. 

The solution has an excellent feature that scans for vulnerabilities that may affect the Windows operating system. It helps us avoid being affected by WannaCry or other malicious attacks of that nature. It's one of the most useful features that we have. We're able to see more vulnerabilities before they become an issue due to the fact that it's so protective. It's great at helping us avoid malware or ransomware.  

The solution needs to improve its smart monitoring. 

There needs to be much clearer instructions surrounding scanning. 

As for new features, I can't think of anything that's lacking. It's pretty good overall in terms of feature offerings.

I've only been using the solution for half a year - approximately six months. It hasn't been too long.

The solution is very stable. There are no bugs or glitches that I have witnessed. The solution doesn't crash. It's very reliable.

The solution is very flexible and very scalable. A company that needs to add it to their endpoints should have no issues doing so. I don't think there is a limit as to how many are possible.

Typically we deploy this solution to medium-sized enterprises in microfinance and insurance.

I've been in contact with technical support in the past. they're very good. We're satisfied with the level or attention they give us and the information they share.

The solution doesn't really have a complex setup. It's easy to set up and integrate with the endpoint. We install insights at our endpoints to help us collect vulnerability information from there.

We can also install it again and again and use active scanning to conduct vulnerability testing at the endpoints. It's very simple.

Deployment doesn't take long at all. Currently, we can deploy in around two or three days and then integrate it with the endpoint after we've gotten clear instructions from InsightVM.

The steps we choose for implementation are as follows: we first need to follow the instructions to install network communication, from the endpoint to InsightVM. Network communication from the endpoint will go to the scan engine and from the scan engine to the management console of Insight. 

After we satisfy this, we start implementation and we start to deploy the engine to the endpoint. After that, we run a scan from the site configuration of each endpoint scope and we file the report displayed on the dashboard. Lastly, we export the report and provide it to the correct person that needs to be involved at the IT end of things.  

In terms of the number of staff we use for deployment, from our side, we have two people to help manage everything. For the customer, we have four people to coordinate with the internal team. In total, we have six people involved with deployment. Our team includes a deployment engineer and from the customer's side, members of security operations.

Normally, we have both the reseller and the vendor to assist with deployment. From the vendor, we just consult on the step and classify each endpoint. After that, we'll discuss next steps with our team. Currently, we have a distributor that provides this product to us. We work with the vendor and work with the reseller to deploy everything to the customer's systems.

The solution offers flexible pricing.

We're a partner of InsightVM.

We're most likely using the latest version of the solution, however, I'm not sure which exact version number it is.

We've deployed on-premises with a local scan engine.

I'd advise companies that are looking into vulnerability assessment or faster deployment, to check out InsightVM. It's easy to expand as necessary and offers flexibility in its pricing.

I'd rate the solution nine out of ten.

We use InsightVM for capacity forecasting.

I've been working around, I don't know, it's about three years.

I rate Rapid7 nine out of 10 for stability.

I rate Rapid7 nine out of 10 for scalability.

I rate Rapid7 support nine out of 10.

Positive

I rate InsightVM eight out of 10 for ease of setup. It takes two or three engineers to deploy. The solution requires some maintenance. It's mainly cleaning up data. 

I rate Rapid7 InsightVM 10 out of 10.

Rapid7 allows you to scan the entire network to discover information about devices, such as the type of operating system. 

I like Rapid7's scan optimization options.

Patch management is the only missing feature I can think of. Rapid7 detects vulnerabilities, but it should also help you manage patches.  

I have used Rapid7 for about five months.

The product isn't stable. Sometimes I attempt to log in using the correct password, but I can't access the server. It tells me that the password is wrong, so I have to reboot the server to access it. 

We pay a monthly license. 

I rate Rapid7 InsightVM seven out of 10.

InsightVM is good. It's easy to use. It's fast, it's a powerful, easy to access tool.

I have had some difficult problems with InsightVM. The InsightVM cannot scan if we connect to our customer by the VPN. I asked the Rapid7 support, they told me that the InsightVM can only work on the same network. We cannot use InsightVM by VPN. It also consumes a lot of memory. It would be good if they could resolve that.

We worked with Rapid7 InsightVM for one year.

It is very stable, but it consumes a lot of memory.

Scalability is good on the same network but not if you have to connect to another network.

I think the support is okay. They responded very quickly, and it was sufficient.

InsightVM is Window-based. It is easy to install and easy to use.

It took us about half a day to set up. When we bought from the distributor in Thailand, the distributor sent an engineer to install and explain how to use it and how to customize the report.

My team uses a small tool such as Tenable Nessus and Rapid7 InsightVM, but when we use both tools and compared the report, Tenable Nessus is very easy to consolidate, to expand to our customer, but InsightVM is very difficult. We would have to cancel it to explain the daily part to our customers.

I would recommend having the distributor help you to explain how this software works and to help with the details. I would rate it at an eight out of ten.

We use Rapid7 InsightVM mostly for VM management.

The solution is good because it has a lot of options.

The solution could improve by being more secure.

I have been using Rapid7 InsightVM for approximately one month.

The solution has been stable.

Rapid7 InsightVM is scalable.

I have not needed to contact the support at this time.

The installation is simple, it took us approximately six hours.

I did the implementation myself.

I would recommend this solution to others.

I rate Rapid7 InsightVM a nine out of ten.

We use Rapid7 for our vulnerability assessment. It scans the network, identifies all of the assets that are present, and then identifies all of the vulnerabilities due to non-patching those systems. Based on that, we can generate reports and make sure that those applications or servers are patched on both the operating system and application level.

The most valuable feature is the site scanning, where we can provide a complete subnet and what it is we need to scan on those devices. It will extract all of the information, including the rating and vulnerabilities, in all of the applications that are present, on each of those machines. This is quite relevant because if you have many applications on one server then you don't know if they are individually patched, or not.

The dashboard is not difficult to manage.

The reporting is a little bit tricky because it can be difficult to exactly pinpoint some of the assets to filter them and generate a report. Improving the filtering capability would make the reporting easier.

We would like to have penetration testing features built into Nexpose, as it is the next area that we are going to be concentrating on. We have not yet tried it, but it is on our roadmap.

We have been using this solution for one year.

We have not had any issues with stability. For what we are using it for, it is okay, and we use it on a weekly basis.

We have five people who are working with Nexpose and we have not yet needed to scale.

We have been in touch with support on one or two occasions but I was not the person who dealt with them.

The initial setup is not complex. As soon as you deploy, you start by opening all of the needed communication tools on all of the target systems. In our situation, we deployed gradually as opposed to doing everyone at the same time.

We have five people who have access to this solution and can maintain it. They do not work on it full-time but can do site scanning and generate reports when needed.

A third-party was brought in to implement this solution. However, I have done some of the upgrades and I would say that it is straightforward enough that it is not necessary to bring in anybody else.

My advice for anybody who is implementing this solution is to begin by clearly identifying infrastructure and the most critical assets. This tool will give you good visibility into the network and the assets, but it is only the starting point. It is really the input for the process that you have in place to follow up and patch the assets. Simply knowing that they are vulnerable is not good enough, so the right process has to be put into place before it will work effectively.

I would rate this solution an eight out of ten.

We use the solution for vulnerability management of our on-cloud environments.

The solution provides all the required features for vulnerability management.

They should improve the cybersecurity feature of the solution.

We have been using the solution for a month.

It is a stable solution. We can connect it with other platforms easily.

We have four to five solution users in our organization.

The solution's initial setup process is easy.

The solution's license costs around $30 per month. It is less expensive compared to other competitors.

I advise others to consider the number of IP addresses required to be scanned for their network while opting for Rapid7. I rate the solution as a nine.

The solution is similar to Tenable, but Rapid7 also comes with Insight - Detection and Response, which integrates with InsightVM. This alerts the customer in the event of an attack or updates him about the status of a vulnerability. The solution provides increased visibility in the environment when integrating between these two products. 

All products have room for increased security and Rapid7 InsightVM is no exception. This is why I do not give a perfect score to any product on principle. 

We have been using Rapid7 InsightVM for a couple of months.

The solution is stable. 

The solution is scalable. 

We have plans to increase its usage.

I have some experience with Tenable Nessus, although I did not use it on a professional basis. 

When it comes to the process, installation is very easy and does not take long. As a matter of course, installing a VM and connecting to a portal is easy. That is all that is needed. Time-wise, this may take an hour. Once the portal and scanner are connected one can start getting the environment. 

The license is annual and this is the optimal approach when it comes to most software. 

The solution is hybrid, meaning that if installation is required it must be done on the environment itself, on-premises, the portal being cloud-based. 

The solution has very good integration, so I see no need for improvements in this regard at present. 

I have no issues with the stability, security, user interface, reporting, monitoring board or Techstar reports. These are all good. 

The documentation is quite detailed and straightforward. It is provided to me via the internet. 

Off the top of my head, I cannot think of anything needing improvement.

We have a single customer who is utilizing the solution, but he makes use of IDR, not IVM.

I would recommend the solution to others.

I rate Rapid7 InsightVM as an eight out of ten.