Share your experience using Fortra's Digital Defense Frontline VM

The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.

Use our online form to submit your review. It's quick and you can post anonymously.

Your review helps others learn about this solution
The PeerSpot community is built upon trust and sharing with peers.
It's good for your career
In today's digital world, your review shows you have valuable expertise.
You can influence the market
Vendors read their reviews and make improvements based on your feedback.
Examples of the 83,000+ reviews on PeerSpot:

Andrei Bigdan - PeerSpot reviewer
Executive Manager at B2B-solutions.pro
Real User
Top 5Leaderboard
Particularly useful for focusing on customer-facing systems and offers excellent scalability
Pros and Cons
  • "InsightVM offers a robust platform for identifying, prioritizing, and addressing vulnerabilities across an organization's IT infrastructure."
  • "One area I would like to improve in InsightVM is its integration with other solutions."

What is our primary use case?

With InsightVM, I continuously monitor my network by setting up regular scans to identify vulnerabilities in real-time. It IS particularly useful for focusing on customer-facing systems at our perimeter, helping me prioritize and quickly address any security risks.

What is most valuable?

InsightVM offers a robust platform for identifying, prioritizing, and addressing vulnerabilities across an organization's IT infrastructure.

What needs improvement?

One area I would like to improve in InsightVM is its integration with other solutions, particularly for better compatibility with upcoming tools we plan to adopt. Enhanced functionality for budget management or change management databases could also be beneficial.

For how long have I used the solution?

I have been working with InsightVM for over two years.

What do I think about the stability of the solution?

I would rate the stability of the solution as a nine out of ten.

What do I think about the scalability of the solution?

InsightVM's scalability is top-notch and I would rate it a solid nine out of ten. Being a cloud-based solution, it effortlessly adjusts to accommodate varying needs and can easily scale from small to large environments.

How are customer service and support?

Rapid7's technical support is highly responsive and helpful. I would rate them as a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I chose Rapid7 over Tenable Nessus because of its better performance, comprehensive functionality, and stronger support for operating systems and services. While Tenable Nessus may be cheaper, it lacks integration with other features and is more suited for SMBs rather than enterprises.

How was the initial setup?

Implementing InsightVM was straightforward. Setting it up to scan external networks at the perimeter was effortless; I just needed to create a cloud account and start using the solution. For internal network scanning, I installed the software on my notebook, which took about five to ten minutes for a single version setup, but it is important to note that it doesn't support Windows platforms.

What's my experience with pricing, setup cost, and licensing?

InsightVM's pricing can vary depending on the coverage needed. While it may not be the cheapest option, purchasing an unlimited license could be cost-effective for larger environments. For smaller needs, it might be more expensive compared to competitors. I would rate the affordability of the product at a four out of ten.

What other advice do I have?

I prioritize vulnerabilities in InsightVM by first focusing on customer-facing systems at our perimeter, which helps me quickly identify and address any security risks. Then, I utilize the cloud-based engine to scan internal networks and ensure comprehensive coverage without the need for complex on-premise solutions, making it easy to manage from my notebook connected to the internet.

Additionally, in InsightVM, we prioritize vulnerabilities by utilizing comprehensive data sources like the NVD and Rapid7's specialized risk calculation methods. The solution provides detailed information, including exploitability and impact, and evaluates whether vulnerabilities could be exploited in specific environments like NetApp.

I would recommend InsightVM to others. Overall, I would rate the product as an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer:
Flag as inappropriate
Md. Shahriar Hussain - PeerSpot reviewer
Cybersecurity and Compliance Lead Engineer at Banglalink
Real User
Top 5
A security solution for vulnerability assessment with automated scans
Pros and Cons
  • "The most important features are the dashboard and reporting. The dashboard provides statistics with graphs and bar charts for our management."
  • "Additional costs are associated with using the solution, as additional scanners are required for different endpoints connected to the Tenable Security Center. If Tenable Security Center could extract information from these scanners automatically rather than manually, it would enhance user-friendliness for customers."

What is our primary use case?

We use Tenable Security Center for vulnerability assessment purposes within our security infrastructure. The solution helps identify management-related issues and automatically forwards the ticket to our stakeholders, as well as an auto-alert mechanism. Additionally, we have integrated it with our SI solution.

The primary use case involves automated scheduled scans. We have established an asset inventory, and there is a scheduled quarterly automated scan. This process sends the results, thereby reducing manual tasks. The more automation we implement, the fewer errors occur, resulting in a faster and more efficient process.

We also use it for continuous network monitoring. We scan network devices such as Cisco routers, load balancers, and WAN devices. If any suspicious network activity arises, the system saves the results.

Our organization also uses Power BI. There are a lot of scripts that are already integrated to check compliance within the organization. We aim for at least 75% of the benchmark. Tenable's solution assists in representing the level of compliance achieved, whether it be 70%, 80%, 90%, or 95%. We have installed agents on various server types, and adding them to the scan does not require manual credential entry each time. The solution provides comprehensive results on the dashboard for each service by simply clicking on the play button.

What is most valuable?

The most important features are the dashboard and reporting. The dashboard provides statistics with graphs and bar charts for our management. We can be amazed at how much compliance and patch management are followed; everything can be represented in a single interface.

The solution is connected to our network. We can easily track it with the Tenable Security Center. Without the solution, it's very difficult to track whether or not a new asset is added.

The solution’s configuration is vast. There are so many configurations leading to confusion. It varies from organization to organization based on the Center and new compliance. Suppose some organizations follow the ISO Center. If your organization is a financial organization, it may follow PCS standards. If your organization is healthy enough, it may follow HIPAA standards. You can configure it according to the organization’s compliance. Hence, it's very flexible.

What needs improvement?

Additional costs are associated with using the solution, as additional scanners are required for different endpoints connected to the Tenable Security Center. If Tenable Security Center could extract information from these scanners automatically rather than manually, it would enhance user-friendliness for customers.

For example, suppose I manually conducted CIS hardening or compliance scoring in a separate data centre. These scores should also be reflected in the Tenable Security Center dashboard. Since the scanner is connected to the Tenable Security Center, the dashboard should display the direct scan results from the general security centre and the connected scanners.

There could be unusual activities or attacks with the rising AI-related issues or threats that the Tenable Security Center could track in the future.

For how long have I used the solution?

I have been using the Tenable Security Center for 4.5 years.

What do I think about the stability of the solution?

The product is very stable.

I rate the solution’s stability a ten out of ten.

What do I think about the scalability of the solution?

The solution’s scalability is good. If you have a license, it's very scalable.

Only two users are good enough for the solution.

I rate the solution’s scalability a nine out of ten.

How are customer service and support?

There were no delays from customer support. They usually give instant responses for both online and local support.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Tenable is the most user-friendly solution in the market among the other competitors. I also use Qualys and Rapid7 in separate organizations.

How was the initial setup?

The initial setup took very little time to deploy and more time for asset management. The selection of the assets depends on your organization. Considering the installation and normal scan, it took less than a day to deploy.

I rate the initial setup a nine out of ten, where one is complex and ten is easy.

What's my experience with pricing, setup cost, and licensing?

The solution’s pricing is reasonable but depends on the country's foreign reserves. You have to buy it at the price of USD. Hence, it depends on your country's currency rate.

What other advice do I have?

It is very difficult to manage internal servers from the server team. You should go for the cloud if you want to manage any extra hardware or VM.

We were able to integrate with other security solutions, like SIEM, and activate monitoring. There were no challenges in integrating it. However, it doesn't support all types of SIEMs except major SIEMs like IBM QRadar and Splunk.

I recommend first configuring your alert monitoring system and doing the configuration with the advice of OEM support staff. It's very easy to use. If you want to compare it with other solutions, you can use the beta version or demo version, and you will be confident and strong and use it happily and without any pain.

Overall, I rate the solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate