Rapid7 InsightVM Valuable Features
FL
FurqanLatif
Senior Manager - Pre-Sales at Trillium Information Security Systems
The most valuable feature of the Rapid7 InsightVM solution is the Live Risk Score. It provides dynamic Live Risk Scoring of the assets. Vulnerabilities can be classified between most critical and less critical vulnerabilities, which are dynamically updated in their dashboard. This is the most interesting and valuable feature from my perspective.
It provides different compliance reports regarding PCI DSS, GDPR, and HIPAA. For compliance, it is a good solution for customers, and in this domain there is no improvement required for Rapid7 InsightVM.
View full review »The agentless scan in Rapid7 InsightVM is effective and represents the functionality I primarily work with. The risk scoring system in Rapid7 InsightVM is another valuable feature. When comparing to the main competitor QualysGuard, Rapid7 InsightVM is more preferable for me.
View full review »SH
SohailHyder
Head of Cyber Security at Super Secure
We started with a couple of Rapid7 products, including Rapid7 InsightVM, and it runs quite fine with our customers. Although some customers raised issues, we resolved them with our technical team. Customers are interested in this product as it helps heighten their cybersecurity posture. Aside from technical challenges, the products offer comparable packages and services to other vendors in the market, such as Tenable.
View full review »Buyer's Guide
Rapid7 InsightVM
June 2025

Learn what your peers think about Rapid7 InsightVM. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,957 professionals have used our research since 2012.
DH
Danny_Hermanus
IT Manager at Hermanus Investments, LLC
The most valuable features of the solution are the agent and the scanning.
The connectivity provided by Rapid7 InsightVM is valuable. We have integrated our SIEM solutions and antivirus with each other through Rapid7. It allows for a lifecycle connection among different solutions. We are using it with CMDB for tagging critical devices. However, the primary purpose remains running vulnerability scans.
View full review »InsightVM has a very organized GUI with ease of use. The vulnerability scans are reliable, and the credential scan is a beneficial feature. The solution is efficient and trustworthy. It's based on the CVSS risk scoring system, which is well-recognized and effective. The integration capabilities through APIs allow easy integration with existing security infrastructure.
View full review »The solution's user interface is good and has some vulnerability prioritization. Rapid7 InsightVM has good integrations with ServiceNow and its own remediation project creation options.
View full review »The remediation project is pretty effective because it allows us to choose specific assets and set limitations on them for a certain period which allows us to track and follow up on those limitations.
However, when it comes to real-time monitoring and live dashboards, InsightVM doesn't quite fit the bill. It's not a real-time solution and is not instant.
View full review »
The most valuable features of Rapid7 InsightVM for me are creating dynamic asset tags, generating reports, and deploying the agent. The agent scans assets every four hours, providing real-time data on any devices. Although there weren't any significant new features compared to our previous tool, having both SIEM and vulnerability management handled by one tool made things easier. We could gather logs from different devices and cloud sources, and perform detailed investigations without switching tools.
I haven't worked with the automation capabilities of InsightVM. For remediation prioritization, we check the vulnerability, search for solutions on open platforms, and work with different teams to apply patches after proper testing. Currently, we don’t have any AI or ASM projects assisted by InsightVM
View full review »
InsightVM offers a robust platform for identifying, prioritizing, and addressing vulnerabilities across an organization's IT infrastructure.
View full review »The audit report and scorecard are brilliant.
The solution is very user friendly and easy to manage. Users who have a year of experience with this type of tool will have no issues.
View full review »DA
DanyAmany
Cyber Security Analyst at a tech services company with 1-10 employees
The most valuable feature is the vulnerability scan. All you need to do is enter the IP address and the solution provides details about the machines, provides the vulnerabilities, and gives recommendations to address those vulnerabilities.
View full review »It is a great endpoint agent. It gives you reliable information about that infrastructure and offers strong accuracy for risk management. However, unlike other management tools that have improved precision testing, InsightVM requires an additional purchase for full access to some of its advanced features.
View full review »SH
SohailHyder
Head of Cyber Security at Super Secure
The data sheet is good in pricing and promises. The customers are very price-conscious. You have to satisfy technical requirements. This combo makes the product valuable and usable.
The most valuable feature for me is the risk calculation based on monthly effects. It's interactive, and the risk calculation depends on various factors such as quantity, hardware, and package used.
View full review »The cost is what is most valuable. Compared to the other products on the market, the cost is more palatable. Also the functionality.
It is a single pane of glass that I can do most things.
View full review »One of the great features is reporting where you know exactly what the solution has found, and you're also provided with a resolution to any problem. It's great. I also like the fact that it can go through and scan not just the Windows server but also all the Linux boxes. The same applies to Unix boxes which provide a full report regarding vulnerabilities that need to be rectified or packages that need to be applied.
AD
Alexandre D
Defense protection study manager at Ministère de la Défense
The solution's most valuable features are the simplicity of use, identifying vulnerable assets, and the ability to create remediation projects.
View full review »DS
DineshSeyyadri
Cyber Security Architect at a healthcare company with 11-50 employees
The solution helps to identify lots of misconfigurations, flaws, or security risks. Anything insecure is exposed easily.
The solution is automatically scheduled so it runs by itself.
View full review »This solution's most useful feature is that it is entirely a single-page application.
The UI is both professional and user-friendly.
View full review »KM
Kjell Morkeng
Head of Cyber security analysis at DNV Poland Sp. z o.o.
InsightVM's best features are the vulnerability database and remediation steps.
View full review »The most valuable features are its reporting capabilities and the host discovery functionality.
View full review »JE
Janakiraman Elumalai
Information Technology Security Specialist at Digitaltrack
We like that you can create your own inputs using the chat.
The integration capabilities are good.
It has good reporting.
We can create our own templates.
The dashboard is very easy to use for customers.
View full review »The remediation feature has been quite useful.
It's easy to set up the solution.
It's stable.
The solution scales well.
View full review »From a scanning perspective, it’s great. The customization associated with each and every scan is very good. It actually provides functionality from a CIS control perspective as well.
It is easy to deploy.
The product is scalable.
The solution is very stable.
View full review »Using active scan is good.
If you have a history with the solution, the initial setup is easy.
The solution is stable and reliable.
It's very scalable.
View full review »One of the most valuable features is it's graphical dashboard feature. It is quite easy to manage the widgets, and we can customize those according to our queries.
The other most valuable feature is that we can integrate Rapid7 InsightVM with JIRA. If a vulnerability in our services or server is found, it directly connects with JIRA and will assign a ticket. We can then share that with our development team or infrastructure team. Within a team, we can share it and assign the ticket, and we can smoothly do the mitigation process.
Also, InsightVM has an image container that can be utilized via a CI/CD pipeline. We can directly integrate with building tools, and we can have vulnerability assessment throughout the development life cycle.
Rapid7's initiative Project Sonar digs out the vulnerabilities arising all over the world and sends feedback to the systems. They then immediately update their databases and begin mitigation processes.
View full review »The assessment is most valuable.
View full review »The reports in Rapid7 InsightVM are useful when compared to competitors.
ES
Enrique Santiatiagogo
Owner at Sidif Del Caribe Corporation
When you connect any new device to the network, Rapid7 has the ability to detect the new device immediately. It can scan that device to detect if it has any vulnerability.
It tells you what is vulnerable and what has been misconfigured. It also tells you what is the risk of that misconfiguration or lack of patches and how to resolve the problem.
View full review »The risk score that they provide makes it easier to find out the biggest risks. It helped the security officers to understand where the biggest risks are so that they can act on them. They can instruct their IT teams to give them a higher priority and mitigate them.
View full review »InsightVM's most valuable feature is risk scoring, a formula based on different vectors like the ease of exploitation and the availability of the machine. It can be customized according to the customer's needs - for example, if they have an asset that is more vulnerable, they can adjust the risk score according to their infrastructure. It also has a very robust dashboard system and good integration.
View full review »The feature that I have found most valuable is its dashboards.
View full review »LM
Layth Mansour
Information Security Officer at Umniah
There are a few main features that we are very happy with. Using Rapid7, we can install a scan engine, we can do our VPN connections, and we can conduct internal scans of remote sites. We prefer the web application. It's smarter and more accurate from an application perspective.
View full review »It's a relevant management tool.
It has some useful automation features. The report generating and the scanning are very helpful.
View full review »DB
Davide Baudanza
CoFounder & Head of Technology at intuity
I really love the new platform. It is really easy to understand, use, and deploy.
Their support is very professional and good at troubleshooting issues.
I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps. I liked that. That was a feature I liked. If your manager had a different dashboard that they liked, and you tried to go into a meeting and they say, "Well, I think your numbers are wrong because my dashboard says this" Well, you couldn't rapidly say, "Here's the default dashboard for this for risk." Whereas, with Tenable, you could go through a dashboard just for risks, and say, "Hey, let's switch to this dashboard so we're seeing the same numbers without customization."
View full review »We have put in some requests for enhancements and they are listening quite well. When there is something that we want to have enhanced then we can easily chat with the people at Rapid7. If it makes sense and another customer thinks that it makes sense then it will be built into the next release.
We are very satisfied with the reports, as they provide us with the information that is required for our management. You can perform the queries that you need.
View full review »The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature.
View full review »RW
Ryan Witt
IT Security Architect at a government with 1,001-5,000 employees
For us there are many integrations with things like the VMware NSX that are great, the reporting is really solid. I like the ability to set goals and SLAs for remediation. When a new vulnerability is found we can have an SLA associated with it automatically based on severity and some of those things. I like the integration with Cisco ISE for identity and doing automated containments and the like. But the biggest thing for me is the quality of the vulnerability scanning itself. The quality of the results and the timeliness, the speed with which they update with new checks for new vulnerabilities. That is the big thing for us.
View full review »The most valuable feature for us is the different types of reporting it provides. For example, the compliance reporting, compliance with the international standard in which we are certified and compliant. This is important for us to escalate the dashboard to our top management.
View full review »FH
Fatma Hamouda
Senior manager at Software Productivity Group
The solution provides all the required features for vulnerability management.
View full review »I like Rapid7's scan optimization options.
View full review »PD
ParveshDhurmea
Assistant Engineer at Harel Mallac Technologies Ltd
The solution is good because it has a lot of options.
View full review »The performance is good.
View full review »GN
Gerald Naude
Security Engineer at a computer software company with 51-200 employees
The discovery and prioritization of vulnerabilities is a good feature along with the investigation, the trials function. It's also user friendly.
View full review »The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at.
The solution has an excellent feature that scans for vulnerabilities that may affect the Windows operating system. It helps us avoid being affected by WannaCry or other malicious attacks of that nature. It's one of the most useful features that we have. We're able to see more vulnerabilities before they become an issue due to the fact that it's so protective. It's great at helping us avoid malware or ransomware.
View full review »DM
Damir Miklavčič
Security Analyst at Zavarovalnica Triglav dd
PJ
Pongtosaporn Junlobol
Vice President at INET Managed Services Co.,LTD.
InsightVM is good. It's easy to use. It's fast, it's a powerful, easy to access tool.
View full review »The most valuable feature is the site scanning, where we can provide a complete subnet and what it is we need to scan on those devices. It will extract all of the information, including the rating and vulnerabilities, in all of the applications that are present, on each of those machines. This is quite relevant because if you have many applications on one server then you don't know if they are individually patched, or not.
The dashboard is not difficult to manage.
View full review »ZR
Zain Rehman
Manager SecOps at a financial services firm with 1,001-5,000 employees
We feel the interface is very good. It is very easy to use, even a nontechnical person can use it.
View full review »JG
Jim Gallagher
Enterprise Manager Infrastructure and Operations at McGrath RentCorp
The feature that we find most valuable is the granularity. You can view your assets however makes the most sense to your business. We found that we could isolate systems easily via tagging and site setup.
View full review »NeXpose is a pretty good vulnerability scanner, good enough. There's a nice dashboard and it's a pretty cool SIEM.
View full review »Rapid 7 offers the community edition, a free of charge edition( 32 IP's) that helps small companies to secure their IT environment. Also with this edition it helps the students to learn about Vulnerability Management.
The report from Nexpose is very big, and gives you a description of the problems you have on your servers, and the solution for remediation.
Other valuable feature is the ability to check the vulnerability with Metasploit with only one click.
View full review »The most valuable features of Rapid7 InsightVM are the accurate level of scanning and the workflows are good.
View full review »It helps with the scanning of vulnerabilities. It's great at handling remediation after you've found an issue and managing the process of vulnerability remediation. The solution provides great advice.
The solution offers very good intelligence and tracking the process of remediation.
It goes very deep and doesn't just find the problem - it helps fix things too.
The setup is easy.
The solution is easy to use.
It offers good scalability.
It's stable.
The pricing is reasonable.
The solution can scale.
View full review »Buyer's Guide
Rapid7 InsightVM
June 2025

Learn what your peers think about Rapid7 InsightVM. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,957 professionals have used our research since 2012.