Rapid7 InsightCloudSec Reviews

The organization I'm currently contracting for uses it for their estate. They're using Kubernetes and moving their entire estate into it, so I'm getting Rapid7 running in Kubernetes.

It seems pretty good so far. I have a meeting with the security team to review the results we're getting from it. 

I'm still early in the journey; I need feedback from the security team. I'm just the engineer deploying it.

We have multiple Kubernetes clusters in different environments: Dev, QA, UAT, etc., and we go through to production.

I've been getting it running on our Kubernetes clusters. I have a review with the security team who are the main users. Compared to Microsoft Defender for Containers and Sentinel, it seems comparable. I'm considering using Defender for Containers on the AKS cluster and feeding that into Rapid7 since it's used across our entire estate.

I had to patch a problem with taints on our nodes in our AKS cluster. I had to write a custom patch to get Rapid7 to run on those nodes. I emailed Rapid7 support, but they didn't have any documentation on how to patch it. I was disappointed as I thought this would be a common issue.

I've been working with it for a few days, actually—not very long. I've been evaluating it.

It seems to be running fine. It runs every hour and has been reliable since I started it last week. 

It wasn't good, but the response was fast. 

The response was "we don't know, and we'll put this to the development team." That was about three or four days ago. I haven't received further communication. The last reply was on July 5th, 2024.

But, the fast reply alone deserves some credit. They replied in about three or four hours. But the reply itself wasn't very helpful. It was just "we don't know." At least they replied and let me continue with my own solution.

My current organization has been using Rapid7 for some time. They chose it for RISO compliance, and because the sales team was good, I guess. They have it in place now, so I have to work with it. They're moving their workloads to Kubernetes, and that's why they hired me. I can work with anything, and Rapid7 wasn't too hard to patch, except for the toleration issue. 

I got it running last week, and I'm waiting for a meeting soon to see if they're happy with it. If so, we'll move it through the various environments and get it running everywhere.

It took me a couple of days. I had to patch a problem with taints on our nodes in our AKS cluster. I had to write a custom patch to get Rapid7 to run on those nodes. I emailed Rapid7 support, but they didn't have any documentation on how to patch it. I was disappointed as I thought this would be a common issue.

I resolved it myself. It wasn't difficult, but I assumed they would have already solved it. Using taints to allocate or deny access to workloads is common in production Kubernetes clusters for security. 

Overall, it seems pretty good. The dashboard and information from Rapid7 are useful and interesting. It compares well with Sentinel and Defender for Containers. I haven't done a feature comparison yet.

I'm the engineer deploying it and got it running properly.

I'm not the end-user, just the deployer. 

From the deployment aspect, I'd give it a five out of ten. The support was good, and it was easy to deploy myself.

We use Rapid7 InsightCloudSec as a CSPM tool. 

The tool's most valuable feature is workload protection for Kubernetes and container security. It has agents that identify bugs or lack of security on runtime containers. 

The tool needs to improve its documentation.

I have been using the product for eight to nine years. 

The product's on-prem version had many challenges. The SaaS version is working fine. 

Rapid7 InsightCloudSec is scalable. 

Rapid7 InsightCloudSec's deployment is straightforward. 

I rate Rapid7 InsightCloudSec an eight out of ten. 

We use DivvyCloud to monitor our workloads in Docker and Kubernetes. From a security classification point of view, we use it to ensure that the workloads are protected. This ties into our DLP. We have a DLP policy and then a data classification. 

The data is classified as critical, private, and privileged. We also have policy controls that allow whoever the users are to gain access to these cloud resources. We use that tool to provide the framework and also the governance.

I find the security frameworks and security tools valuable. I think they're good in the infrastructure of the code security. They are also good at threat protection.

Technical support could be better. It could also be easier, more user-friendly, and intuitive. The API keys aren't easy to understand, and the cloud layouts aren't intuitive and user-friendly. We should be able to integrate IM governance and APIs into non-compliant workloads like legacy solutions. 

As far as the interface goes, I would like the look and feel to be a little bit more modern. Sometimes the interface is a little bit cloggy, but that's just my preference. This is because it's different from the other panes of glass we use within Rapid7's portfolio. It's a different view because they acquired that company. Maybe long-term, they are going to integrate that into their other product portfolios.

I've been using DivvyCloud for about four and a half months.

We're happy with the stability of the solution. However, the interface is sometimes slow because it's a SaaS application or a cloud service that's a little bit slow at times. 

We feel like it's going to be able to scale according to our needs. We have about 15 developers using it right now.

I'm not impressed with their support right now. Their support model is not really good. They have a portal or forum, and we did have some dialogue with them on the initial setup.

The initial installation was a little difficult, but we're using that as a template. However, prior to deploying that tool, we ensured that all of our workloads followed a standard framework for building out those containers and those workloads in the cloud. 

Technical support was able to assist us with this template, but it was a little bit of a challenge initially. However, now we're able to use that and fairly easily retrofit that onto new workloads. It took us less than two months to deploy this solution. But we're still developing the policies that go behind that and should be completed by late September.

We implemented this solution ourselves, but we did have some engagement with Rapid7. We didn't pay for professional services. We just used their technical support. 

It's saved us a little on the back end in Azure costs. 

We're doing an annual subscription. There are additional expenses, but not within the confines of this platform. 

We looked at a couple of other CASB solutions like Proofpoint CASB and Microsoft's CASB solution. We went ahead and selected DivvyCloud because we were already a Rapid7 user and a customer in relation to managing detection and response. 

My goal was to try to limit the number of different tools and keep tools consistently in one framework. That's kind of one of the reasons why we selected DivvyCloud. 

I would advise new users to have all their ducks in a row first. It would be best to have all your governance and framework policies built ahead of time regarding how you will deploy it. I think it's very difficult to deploy a solution without knowing what your internal processes are going to be. That's kind of a mistake that we've made in the past and continue to make.

On a scale from one to ten, I would give DivvyCloud an eight.

In India, most customers currently focus on cloud security solutions. Particularly, they are concerned about data security for their workloads on AWS and Azure platforms. These are the things we encounter from customers.

The tool provides centralized visibility through dashboards and alerts, allowing customers to receive reports on cloud vulnerabilities and security posture. Rapid7 InsightCloudSec provides customers with a robust understanding of cloud security.

As many customers are transitioning from on-premises to cloud environments, it is crucial to enhance security posture. It offers insights into data location, vulnerabilities, and overall security measures for cloud-based workloads.

The solution's most valuable features include its intelligence platform and ability to provide a holistic view of organizational threats. It offers visibility across various environments, including cloud and on-premises, as well as applications and external sources.

The real-time threat detection capability operates more near real-time rather than instantaneously. However, the tool proactively identifies vulnerabilities before they become known to the respective vendors. The solution offers a vast database of vulnerabilities and international threat exposure to recognize attack signatures.

Customers have successfully addressed compliance issues using the policy engine. For example, they utilize a comprehensive database with 150 attack scenarios. Additionally, it offers tools for endpoint reduction, encryption, and response, as well as to capture vulnerabilities and facilitate vulnerability disclosure.

The tool's integration capabilities are extensive and widely utilized by many customers. Technically, partners are fully capable of integrating it. Additionally, it has a team in India that can support customers with integration. Overall, their strong partner channel network ensures effective integration of the product into existing networks.

Rapid7 InsightCloudSec could be better at showing dashboards for virtual firewalls and appliances. Compared to other solutions like Palo Alto, this area is not as good. So, they should work on improving this for virtual devices.

I have been working with the product for more than a year. 

Rapid7 InsightCloudSec is stable. 

The tool is scalable. 

The solution does offer support across other regions, but they currently lack a local support center in India. Improving this aspect would certainly be beneficial. 

Neutral

We have been comfortable with the tool's deployment process. Maintaining it isn't too difficult. The retention rate for renewals has been pretty high, indicating customer satisfaction. The solution seems to be maintaining performance well. The attention data is high compared to other vendors, suggesting clients use it. They're also investing in more customer success managers to improve retention and usage. Overall, maintenance seems to be well-managed.

I rate the overall product an eight out of ten.