2018-10-24T14:07:00Z
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
  • 0
  • 1

What advice do you have for others considering Rapid7 Metasploit?

If you were talking to someone whose organization is considering Rapid7 Metasploit, what would you say?

How would you rate it and why? Any other tips or advice?

4
PeerSpot user
4 Answers
MM
Project Director at a tech services company with 1,001-5,000 employees
Real User
2020-10-20T04:19:00Z
Oct 20, 2020

The great advantage with Rapid7 Metasploit, of course, is that it's free. You can download it and start using it for free, right away. The features are satisfactory, and you can do your job strictly with the free edition. Of course, you could do your job even better with the commercial edition. There are better products available, like Core Impact, but they are much more expensive. On a scale from one to ten, I would give Rapid7 Metasploit a rating of eight.

Search for a product comparison
EG
Senior Information Technology Security Officer at a financial services firm with 501-1,000 employees
Real User
2020-06-25T10:49:27Z
Jun 25, 2020

I used the product previously. Now, I am more of a consultant. I'm not sure what version of the solution I'm currently using is. This product is fantastic. I prefer using it. I'd rate it seven out of ten. If it wasn't for the unpredictable support, I would rate it a bit higher. If it added just a few more advancements, it would be even better still.

AS
Principal security consultant at a computer software company with 201-500 employees
Real User
2020-06-04T09:41:24Z
Jun 4, 2020

For our needs, which is usually a dedicated environment for our customers, I cannot envision any significant improvements that need to be made. My advice for anybody who is considering this solution is that it works well as a component in a vulnerability testing platform. We use a combination of tools with a certain level of automation and integration, which gives us the flexibility that we need to accommodate customers with differing needs. There is no one tool in the market that covers everything and ultimately, Metasploit helps to produce the reports that we need. The biggest lesson that I have learned from using this product is that if proper security checks are not done during the development process then very likely, you will face major vulnerabilities or risks in the production environment. Overall, it is a very good product for penetration testing. I would rate this solution an eight out of ten.

it_user172239 - PeerSpot reviewer
Senior Manager of System Security at DataSolutions
Real User
2018-10-24T14:07:00Z
Oct 24, 2018

It's not possible to do penetration testing without being very proficient in Metasploit. It's impossible.

Find out what your peers are saying about Rapid7, Tenable Network Security, Qualys and others in Vulnerability Management. Updated: November 2022.
655,465 professionals have used our research since 2012.
Related Questions
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
May 12, 2022
Hi, We all know it's really hard to get good pricing and cost information. Please share what you can so you can help your peers.
2 out of 3 answers
EG
Senior Information Technology Security Officer at a financial services firm with 501-1,000 employees
Jun 25, 2020
The pricing of the solution is pretty good. That said, it would be good if there could be more of a discount. It would be better for us.
ME
Senior Cyber Security Specialist at a tech services company with 1,001-5,000 employees
Oct 5, 2021
There are two versions available, one of which is the Pro version, and the other is the free version. In the four years that we've been using this solution, we've only used the free version. We haven't had any reason to use the Pro Version.
it_user434868 - PeerSpot reviewer
Senior Director of Delivery at a tech services company with 51-200 employees
May 12, 2022
Please share with the community what you think needs improvement with Rapid7 Metasploit. What are its weaknesses? What would you like to see changed in a future version?
2 out of 5 answers
AS
Principal security consultant at a computer software company with 201-500 employees
Jun 4, 2020
Integration with popular vulnerability scanners would be a useful feature. Better automation capabilities would be an improvement. For example, if a project is moving from a development to a testing environment, then automation is crucial. We are using Jenkins, JIRA, and other tools for SecOps and DevOps. If somebody is storing code or a project in SVN then it needs to be fully automated. We need the ability for the scanner to run, then have Checkmarx scan them, then exploit the vulnerabilities if any are found.
EG
Senior Information Technology Security Officer at a financial services firm with 501-1,000 employees
Jun 25, 2020
The solution should be more user friendly. Right now, a user needs a certain level of technicality. The solution should improve the responsiveness of its live technical support.
Download Free Report
Download our free Vulnerability Management Report and find out what your peers are saying about Rapid7, Tenable Network Security, Qualys, and more! Updated: November 2022.
DOWNLOAD NOW
655,465 professionals have used our research since 2012.