Rapid7 InsightVM Reviews

In our first use case, we wanted to map the solution back to our NIS (Network and Information Systems) framework and the CIS (Center for Internet Security that publishes Critical Security Controls). That is the first part. The second part of this same use case is that we wanted to do continuous vulnerability scanning. That is we wanted to scan the complete network every month at a minimum. What we are finding out in practice is that we are scanning every week because of our network and the size of it. In the end, we are able to get even more aggressive than our original position.  

The next use case was we wanted to identify the assets that were in our environment. We can identify how many servers we have, we have identified how many desktops and laptops we have got, et cetera. To that point is where we were looking at pretty good.  

Our next use case was the obvious next step where we wanted to identify vulnerabilities. That meant identifying all the vulnerabilities from critical all the way down to the low. We needed to know what they were and how many. Also, we wanted to know how many are unique versus how many there are in total.  

We also wanted to get away from tracking vulnerabilities on spreadsheets. It was incredibly cumbersome, incredibly hard to do, and it was not efficient. The IT guys kept telling me that they did not know how to fix certain issues. So I thought we needed to do CVSS ( Common Vulnerability Scoring System) on it. They were a bit resistant to that idea. Well, I was not about to start doing that for them. So InsightVM gives us the ability now to track the issues and communicate how the remediation should occur to fix vulnerabilities.  

Then the last thing is we wanted was to have a dashboard for management. We had to have a dashboard to be able to have a CIO (Chief Information Officer) log in and find out where we sit with things. Like where do we sit with remediation where are we failing to make expected progress and things of that nature.  

Rapid7 gave us the ability to do a lot of that, and it was not a cumbersome tool to implement. It is good and fits well with pretty much all of our use case needs. It only falls short in a couple of spots.  

Now that we have been using it, I think there are some things Rapid7 needs to consider and address in improving InsightsVM. I think the reporting piece has room for improvement. While they have a lot of reporting, and some of the reporting is really good, there are some things that I think they can do better on. They need to add some categories that are not covered and expand a few things that have only surface coverage.  

I would love to be on a customer advisory board so that I could provide feedback to them and show them what their solution does not do. For example, I could point out things that I can not do with a widget on the dashboard that I would expect it to be able to do. Things like that might help them improve the product from a real user's perspective. That could amount to a lot of different things, but ideally, it would focus on your most common issues.  

There were a couple of things I know that the security analyst and I were looking at and we were wondering why Rapid7 would choose to implement it that way. Like if they did not include something we needed as part of a report, we could not do what we expected when running the report. That is a little frustrating. I would say that they need to spend some more time evaluating enhancements suggested by customers so that they can get those things implemented and round out the user experience. That is the reason why I think a CAB (Customer Advisory Board) is important for vendors like Rapid7.  

We rolled it out in our operations between June and September. So we have been using it since June of 2020.  

I do not know at this point just how scalable this solution is. We bought it for an enterprise solution, so our enterprise need is getting solved. I do not know how much scaling we have to do on top of that. I do not like the fact that as a vulnerability scanner, this product has a fault to a certain extent. We want to be able to scan applications dynamically and this solution does not give us that ability. It does for web apps. But if you are a company that does not have a lot of web apps, something is getting left uncovered.  

Let's say you have a third-party app. You go to that third-party developer and you ask if they have ever done a security attestation on the application. They look at you and like they have no idea what the heck you are talking about and they have no idea what that means. It would be good, in that case, to be able to take the Rapid7 product and point it at that third-party app and scan it dynamically. That way you can get code vulnerabilities or functional vulnerabilities. What would otherwise be a problem is something you could identify and isolate. If Rapid7 looked at the scripting and identified a secret injection attack at line 1,141 — or something to that effect — it could be vetted. It does do that, but it only does that on web applications. Why stop there?  

In order to solve that issue, you have to go out and buy another third-party product that allows you to scan the application to do dynamic or static vulnerability scanning on the application. I do not like that omission because I had that capability with Qualys. We could take Qualys and we could point it at an application and get dynamic scanning reports from it. It told us a line that needed to be fixed and everything.  

I have not yet gotten into the bowels of that discussion with Rapid7, but I want to. What I did find out about it is our current setup does not cover that type of potential application vulnerability. It does allow for some scanning of web applications, but we are not a company that has a lot of web applications. We are not a retail organization. We do not sell anything. We do have web applications, but they are mainly used for marketing.  

We probably have close to a dozen people in our organization who are currently interfacing in some way with Rapid7 InsightVM. That part is scalable. The utility does have those certain limitations, however.  

We have a client service manager for Rapid7 tech support. He is an appointed customer service manager where we have him for the first year. We are working with him to identify things, correct things, implement, attune, and things like that. Because of that relationship, I do not have a need to call their regular tech support right now. We just worked through the service manager.  

I have had some previous experience with Qualys and using Rapid7 now is really a matter of what I chose to bring on based on my personal user experience. Each has its own advantages and neither is a bad product.   

The initial installation and setup were pretty much straightforward. We did run into an issue with credentialing. We ended up working through that and got that correct.  

I think it was done fairly quickly overall. When we ran into that credentialing issue, we spent about three weeks or so — almost a month — working through that. The issue meant involving some guys from some of the other IT teams and getting them into the mix to help us out.  

I had implemented InsightVM before at another company. I liked it when we were using it there which is why it ended up here. I have also had previous experience with Qualys. I did not have the time or the luxury to sit back and do a full analysis, RFI (Request for Information) and RFP (Request for Proposal) when we had to bring on the solution. We are not the CIA (Central Intelligence Agency), we are not the NSA (National Security Agency). We do not need any sophisticated solution or anything like that. We just needed something we could bring in, get online fairly quickly, and get running to do reports. Rapid7 InsightsVM fit the bill.  

On a scale of one to ten (where one is the worst and ten is the best), I would rate Rapid7 InsightVM as probably about an eight-out-of-ten. It gets an eight rather than scoring higher just because of some of the other stuff that I wish we had.  

Rapid7 allows you to scan the entire network to discover information about devices, such as the type of operating system. 

I like Rapid7's scan optimization options.

Patch management is the only missing feature I can think of. Rapid7 detects vulnerabilities, but it should also help you manage patches.  

I have used Rapid7 for about five months.

The product isn't stable. Sometimes I attempt to log in using the correct password, but I can't access the server. It tells me that the password is wrong, so I have to reboot the server to access it. 

We pay a monthly license. 

I rate Rapid7 InsightVM seven out of 10.

We use the solution to scan our internal OS and applications. 

The solution protects us from vulnerabilities. If it sees anything, it can tell us about the vulnerability and ranks it as critical or high risk. It allows us to take action immediately to protect our company from attacks.

The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at. 

The solution has an excellent feature that scans for vulnerabilities that may affect the Windows operating system. It helps us avoid being affected by WannaCry or other malicious attacks of that nature. It's one of the most useful features that we have. We're able to see more vulnerabilities before they become an issue due to the fact that it's so protective. It's great at helping us avoid malware or ransomware.  

The solution needs to improve its smart monitoring. 

There needs to be much clearer instructions surrounding scanning. 

As for new features, I can't think of anything that's lacking. It's pretty good overall in terms of feature offerings.

I've only been using the solution for half a year - approximately six months. It hasn't been too long.

The solution is very stable. There are no bugs or glitches that I have witnessed. The solution doesn't crash. It's very reliable.

The solution is very flexible and very scalable. A company that needs to add it to their endpoints should have no issues doing so. I don't think there is a limit as to how many are possible.

Typically we deploy this solution to medium-sized enterprises in microfinance and insurance.

I've been in contact with technical support in the past. they're very good. We're satisfied with the level or attention they give us and the information they share.

The solution doesn't really have a complex setup. It's easy to set up and integrate with the endpoint. We install insights at our endpoints to help us collect vulnerability information from there.

We can also install it again and again and use active scanning to conduct vulnerability testing at the endpoints. It's very simple.

Deployment doesn't take long at all. Currently, we can deploy in around two or three days and then integrate it with the endpoint after we've gotten clear instructions from InsightVM.

The steps we choose for implementation are as follows: we first need to follow the instructions to install network communication, from the endpoint to InsightVM. Network communication from the endpoint will go to the scan engine and from the scan engine to the management console of Insight. 

After we satisfy this, we start implementation and we start to deploy the engine to the endpoint. After that, we run a scan from the site configuration of each endpoint scope and we file the report displayed on the dashboard. Lastly, we export the report and provide it to the correct person that needs to be involved at the IT end of things.  

In terms of the number of staff we use for deployment, from our side, we have two people to help manage everything. For the customer, we have four people to coordinate with the internal team. In total, we have six people involved with deployment. Our team includes a deployment engineer and from the customer's side, members of security operations.

Normally, we have both the reseller and the vendor to assist with deployment. From the vendor, we just consult on the step and classify each endpoint. After that, we'll discuss next steps with our team. Currently, we have a distributor that provides this product to us. We work with the vendor and work with the reseller to deploy everything to the customer's systems.

The solution offers flexible pricing.

We're a partner of InsightVM.

We're most likely using the latest version of the solution, however, I'm not sure which exact version number it is.

We've deployed on-premises with a local scan engine.

I'd advise companies that are looking into vulnerability assessment or faster deployment, to check out InsightVM. It's easy to expand as necessary and offers flexibility in its pricing.

I'd rate the solution nine out of ten.

We're mainly using this solution in-house for now and our primary use case is for Red Teaming. I'm a security engineer and we are resellers of Rapid7. 

The discovery and prioritization of vulnerabilities is a good feature along with the investigation, the trials function. It's also user friendly. 

The solution is not multitenancy and it would be great if they could add some of that to the platform. 

The solution is stable. 

It's scaled to the cloud so scalability is not an issue and it's pretty flexible. 

I haven't used tech support. I've done all my troubleshooting online, it offers thorough explanations.

The initial setup is definitely straightforward.

There is an annual license fee which is pretty expensive because it's price per aspect. The pricing could definitely be cheaper.

If your company has the budget for this product, I would recommend it. 

I rate the solution seven out of 10. 

The solution is similar to Tenable, but Rapid7 also comes with Insight - Detection and Response, which integrates with InsightVM. This alerts the customer in the event of an attack or updates him about the status of a vulnerability. The solution provides increased visibility in the environment when integrating between these two products. 

All products have room for increased security and Rapid7 InsightVM is no exception. This is why I do not give a perfect score to any product on principle. 

We have been using Rapid7 InsightVM for a couple of months.

The solution is stable. 

The solution is scalable. 

We have plans to increase its usage.

I have some experience with Tenable Nessus, although I did not use it on a professional basis. 

When it comes to the process, installation is very easy and does not take long. As a matter of course, installing a VM and connecting to a portal is easy. That is all that is needed. Time-wise, this may take an hour. Once the portal and scanner are connected one can start getting the environment. 

The license is annual and this is the optimal approach when it comes to most software. 

The solution is hybrid, meaning that if installation is required it must be done on the environment itself, on-premises, the portal being cloud-based. 

The solution has very good integration, so I see no need for improvements in this regard at present. 

I have no issues with the stability, security, user interface, reporting, monitoring board or Techstar reports. These are all good. 

The documentation is quite detailed and straightforward. It is provided to me via the internet. 

Off the top of my head, I cannot think of anything needing improvement.

We have a single customer who is utilizing the solution, but he makes use of IDR, not IVM.

I would recommend the solution to others.

I rate Rapid7 InsightVM as an eight out of ten. 

We use it for vulnerability scanning.

The feature that I have found most valuable is its dashboards.

There is room for improvement on its cloud side.

In the next release I would like to see better reporting.

I have been using Rapid7 InsightVM for seven years.

It is stable.

Rapid7 InsightVM is scalable.

In my company, it is just my team of less than five people using it.

It requires one engineer for deployment and maintenance of the solution.

We do not have plans to increase the usage of the solution in the future.

Their customer support is really bad. On a scale of 1 to 10 I would probably give it a 1.

The initial cloud setup was difficult. It took months even though we worked with their professional services.

We used a consultant to implement.

We had a good return, but it could be better.

We pay 100,000 yearly.

We are thinking about changing right now. We have always used Rapid7, but we are thinking about changing now.

My advice to anyone considering Rapid7 InsightVM is to look at the other vendors first.

On a scale of one to ten, I would give Rapid7 InsightVM a 3.

The primary use is to protect against cybersecurity attacks in your digital infrastructure. One example of such an attack is credential-grabbing.

We have put in some requests for enhancements and they are listening quite well. When there is something that we want to have enhanced then we can easily chat with the people at Rapid7. If it makes sense and another customer thinks that it makes sense then it will be built into the next release.

We are very satisfied with the reports, as they provide us with the information that is required for our management. You can perform the queries that you need.

There have been instances where technical support takes a long time to update the status of a ticket, which is something that can be improved.

I have been using this product for about two and a half years.

The stability is okay.

In terms of scalability, this product is awesome. We have more than 5,000 users and we plan to increase our usage in the future.

The technical support is very nice. They are good and they listen to the customers, which is very important in my opinion.

There is always a demand for technical support to be faster. That said, I think it is much more important to have quality and communication. If I am going to be updated during the course of the case that is running, then that is okay with me. Also, as long as the quality stays in the system and they keep on improving, I am satisfied.

We switched to Rapid7 because we were not satisfied with our previous solution. It was not up to par in terms of our needs and standards.

The initial setup is very straightforward and not complex at all. Our deployment took about three months.

This is mostly a cloud-based solution that works with the assistance of agents and collectors.

We implemented and deployed this product on our own.

The licensing is asset-based and very straightforward.

Overall, this is a product that I am very satisfied with.

I would rate this solution an eight out of ten.

InsightVM is good. It's easy to use. It's fast, it's a powerful, easy to access tool.

I have had some difficult problems with InsightVM. The InsightVM cannot scan if we connect to our customer by the VPN. I asked the Rapid7 support, they told me that the InsightVM can only work on the same network. We cannot use InsightVM by VPN. It also consumes a lot of memory. It would be good if they could resolve that.

We worked with Rapid7 InsightVM for one year.

It is very stable, but it consumes a lot of memory.

Scalability is good on the same network but not if you have to connect to another network.

I think the support is okay. They responded very quickly, and it was sufficient.

InsightVM is Window-based. It is easy to install and easy to use.

It took us about half a day to set up. When we bought from the distributor in Thailand, the distributor sent an engineer to install and explain how to use it and how to customize the report.

My team uses a small tool such as Tenable Nessus and Rapid7 InsightVM, but when we use both tools and compared the report, Tenable Nessus is very easy to consolidate, to expand to our customer, but InsightVM is very difficult. We would have to cancel it to explain the daily part to our customers.

I would recommend having the distributor help you to explain how this software works and to help with the details. I would rate it at an eight out of ten.