Rapid7 InsightVM Questions

Netanya Carmi - PeerSpot reviewer
Netanya Carmi
Content Manager
PeerSpot (formerly IT Central Station)
Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
Oct 18 2022

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
Oct 18 2022

Please share with the community what you think needs improvement with Rapid7 InsightVM.

What are its weaknesses? What would you like to see changed in a future version?

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
Oct 18 2022

If you were talking to someone whose organization is considering Rapid7 InsightVM, what would you say?

How would you rate it and why? Any other tips or advice?

Charles Denver Perez - PeerSpot reviewer
Charles Denver Perez
Team Leader - Applications Consultant at a tech services company with 501-1,000 employees
I work for an IT integration company and we work with our customers to help them choose the best solutions for their needs. I am researching Imperva SecureSphere Database, Qualys, and Rapid7. What are the biggest differences between the three? Which do you recommend and why? Thanks! I appreci...
Read More »
Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
Oct 18 2022

Hi Everyone,

What do you like most about Rapid7 InsightVM?

Thanks for sharing your thoughts with the community!

Miriam Tover - PeerSpot reviewer
Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
Oct 18 2022

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Vulnerability Management Questions
reviewer2000289 - PeerSpot reviewer
Senior Engineer at Lincoln Financial Group
Nov 25 2022
Hello community,  I am a Senior Engineer at a large financial services firm. I am currently researching vulnerability management tools. Which tool would you recommend for vulnerability management in your infrastructure? We are particularly concerned post the Apache log4j vulnerability that was...
Read More »
Antonio Scola - PeerSpot reviewer
Antonio ScolaHello I recommend you take a look at TANIUM.COM. It's a fantastic solution… more »
ArindamPal - PeerSpot reviewer
ArindamPalIf you are looking for Vulnerability Assessment for IT Infra, then you can… more »
2 Answers
JerryWang1 - PeerSpot reviewer
JerryWang1
User at Ant Financial

Hi security professionals,

Companies like Fuzzbuzz, Forallsecure are introducing fuzzing platforms to the public. Have you ever used this or an alternative tool in your company? 

How has your experience been with that fuzzing tool?

Thanks for the help!

Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)

Hi infosec professionals.

What are your top choices of tools to use for mobile penetration testing this year?

Thanks for sharing your knowledge!

ZvikaRonen - PeerSpot reviewer
ZvikaRonen
Chief Technology Officer at FOSSAware
A developer sabotaged his own open-source libraries, breaking thousands of apps as a protest for commercial companies which make millions from his code and contribute back nothing. What do you think about his act? Is it legitimate since the license of open source is given "as is"? Should he have...
Read More »
ITSecuri7cfd - PeerSpot reviewer
ITSecuri7cfdSome call what he did DLC/DRM.  I think he'll suffer from reputation loss and… more »
2 Answers
Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi security professionals, As the majority of you have probably heard, GoDaddy has been hacked again a few days ago. Based on what is already known, what has been done wrong and what can be done better?  Share your thoughts!
Read More »
Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Aug 11 2022

Hello community,

What are the MITRE ATT&CK framework use cases? 

How can it be used in an enterprise security strategy?

Jairo Willian Pereira - PeerSpot reviewer
Jairo Willian PereiraYou can simulate different types of access/attacks using the matrix suggested by… more »
2 Answers
Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)

Hi peers,

What should one include (essential items) into a Service Level Agreement (SLA) when purchasing cloud penetration testing services? 

Jairo Willian Pereira - PeerSpot reviewer
Jairo Willian PereiraUsually, CSPs provide a list of what is/isn´t presented in their SLA and… more »
2 Answers
Ram-Chenna - PeerSpot reviewer
Ram-Chenna
User at FD
Hi peers, We have developed an eCommerce system using the Microsoft Technology Stack.  Now, we would like to perform Vulnerability Assessment and Penetration Testing (VAPT) of this system using a comprehensive tool.  Can anyone recommend a tool that (preferably, an open-source one) to perform ...
Read More »
Jairo Willian Pereira - PeerSpot reviewer
Jairo Willian PereiraYou can start with OpenVAS (an excellent tool during "first steps")… more »
1 Answer
Elsayed Ahmed - PeerSpot reviewer
Elsayed Ahmed
CIO at AIMS

Hi cybersecurity professionals,

I'm looking for your recommendations about penetration testing tools for SMB/SME. 

What would be your choice? Please share a technical description of why would you choose this tool over others.

Thanks in advance.

DDDD25 - PeerSpot reviewer
User at Government of the United Kingdom
Hi, I'm doing integration between Tenable and ServiceNow and I'm looking for an API for Tenable Connector into ServiceNow. Does anyone have good recommendations?  Thank you!
Read More »
Evgeny Belenky - PeerSpot reviewer
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi community, Which automated tools for penetration testing would you recommend to your colleagues working for enterprises?  Please share a couple of reasons why you recommend those tools.
Read More »
reviewer1526550 - PeerSpot reviewer
reviewer1526550There are many automated DAST & SAST tools but from my perspective, there is no… more »
John Rendy - PeerSpot reviewer
John RendyHi Evgeny, There is one automated penetration testing tool that performs way… more »
erdemerdag - PeerSpot reviewer
erdemerdagHello, I can say the most helpful product is Picus for this need. It is not… more »
4 Answers
Jairo Willian Pereira - PeerSpot reviewer
Jairo Willian Pereira
Information Security Manager at a financial services firm with 5,001-10,000 employees
Does anyone have recommendations about methodologies (e.g. use of FAIR framework), plug-ins (ETL schemas, FOSS add-ons) or commercial/free solutions (like Kenna) that can help us during "integration, transformation and consolidation" of vulnerability into risks (from Tenable.IO to Archer)?
Read More »
James Dirksen - PeerSpot reviewer
James DirksenYes, take a look at DeepSurface. It’s designed to automate the process. 
Stewart Gwyn - PeerSpot reviewer
Stewart GwynClear use with the NIST compliance framework, Archer IRM 6.9.sp3.p2, use of… more »
2 Answers
Ludwing Caviedes - PeerSpot reviewer
Ludwing Caviedes
VP Innovation and Development at Coinsa SAS
Jul 11 2022

Hi,

I'm a VP of Innovation and Development at a small tech. services company. 

Is it possible that a single vulnerability analysis software does not detect the entire spectrum of threats?

Avraham Sonenthal - PeerSpot reviewer
Avraham SonenthalNo single product will detect all vulnerabilities. That is why in security we… more »
Vladimir Jirasek - PeerSpot reviewer
Vladimir JirasekShort answer: No. Long one: start with vulnerability assessment for your key… more »
George Fyffe - PeerSpot reviewer
George FyffeYou wont find a single tool that will report on all the vulnerabilities that can… more »
8 Answers
Rony_Sklar - PeerSpot reviewer
Rony_Sklar
PeerSpot (formerly IT Central Station)

Is continuous vulnerability scanning essential? 

Are there other approaches to vulnerability management that do not involve continuous scanning?

George Fyffe - PeerSpot reviewer
George FyffeAs data increasingly moves from on-prem to Public Cloud, we need a complete… more »
Gilbert-Kabugi - PeerSpot reviewer
Gilbert-KabugiI believe vulnerability scanning is usually a scheduled activity where you can… more »
Jairo Willian Pereira - PeerSpot reviewer
Jairo Willian PereiraYes, essential*. You can start your program, for example, based on "Internet… more »
6 Answers
PradeepKumar4 - PeerSpot reviewer
PradeepKumar4
Senior System Engineer at Trianz

I'm a Senior System Engineer at a mid-sized enterprise. I am comparing Qualys VM and Tenable Nessus: 

  • What are their exact differences?
  • Which is good for IT industries?
  • What are their pros & cons?
Rony_Sklar - PeerSpot reviewer
Rony_Sklar
PeerSpot (formerly IT Central Station)

In the past vulnerability assessment has been the primary approach used to detect cyber threats. 

Risk-based vulnerability management has become increasingly popular. 

How do each of these approaches work, and which do you think is more effective?

DavidGillies - PeerSpot reviewer
DavidGilliesAs soon as a vulnerability assessment is complete, it is obsolete. Your… more »
Nikos Christakis - PeerSpot reviewer
Nikos ChristakisVulnerabiity Assement is a useful process but it's still a snap-shot of your… more »
Paresh Makwana - PeerSpot reviewer
Paresh MakwanaYOU are right that earlier vulnerability assessment was very basic and done as… more »
5 Answers
Ariel Lindenfeld - PeerSpot reviewer
Ariel Lindenfeld
Sr. Director of Community
PeerSpot

Let the community know what you think. Share your opinions now!

Fin Nish - PeerSpot reviewer
Fin Nish- Great dashboard - Reporting - Supports multiple formats (PDF, CSV, XML) -… more »
Micheal Iroko-Msc, CISA, CISM, CRISC, COBIT, CEH - PeerSpot reviewer
Micheal Iroko-Msc, CISA, CISM, CRISC, COBIT, CEHEnsure compatibility of the vulnerability software to the organization's needs.
5 Answers