Average Ratings

11 Reviews

  • 4 / 5
    Overall

  • 4 / 5
    Ease of Use

  • 3.5 / 5
    Customer Service

Product Details

  • Starting Price
    Not provided by vendor
  • Free Trial
    Yes
  • Deployment
    Cloud, SaaS, Web
  • Training
    Webinars
    Live Online
    In Person
  • Support
    Online
    Business Hours
    24/7 (Live Rep)

Vendor Details

  • Rapid7
  • www.rapid7.com
  • Founded 2000
  • United States

About InsightVM

InsightVM uses the power of Rapid7s Insight platform & heritage of their award-winning Nexpose product. InsightVM provides a fully available, scalable, & efficient way to collect vulnerability data, turn it into answers, & minimize risk. This industry leader in vulnerability management, InsightVM leverages the latest analytics & endpoint technology to discover vulnerabilities real-time, pinpoint their location, prioritize using threat risk & business context, and confirm exposure reduction.


Spotlight media placeholder

InsightVM Features

  • Asset Discovery
  • Asset Tagging
  • Network Scanning
  • Patch Management
  • Policy Management
  • Prioritization
  • Risk Management
  • Vulnerability Assessment
  • Web Scanning

InsightVM Reviews Recently Reviewed!


Excellent product by an excellent company

Mar 22, 2019
5/5
Overall

5 / 5
Ease of Use

5 / 5
Features & Functionality

5 / 5
Value for Money
Likelihood to Recommend: 10.0/10 Not
Likely
Extremely
Likely

Pros: Easy to install, intuitive UI, integration with cloud portal, agent (that feeds data to the cloud analytics portal), multi-platform.

Cons: Nothing -- Rapid7 is KILLING it.

Since this field has a minimum length: maybe the only downside is that the security console requires a decent bit of RAM? I had to give it 8 GB to ensure stability. That said, it's running a web-based management interface, and the scan runtime is far faster and more reliable than our previous solution.

Overall: I trialed Nexpose Community when our company started moving to a cloud hosting provider. I was very impressed.

We ended up going with another provider, but when that contract expired, I proposed that we give InsightVM a shot instead of a renewal, remembering how much of a pleasure it was to use. Now, we're customers, and I don't regret my suggestion at all.

I deployed a security console within an hour, and had it ingesting an inventory of every host in our cloud environment, whether Active Directory knew about it or not.

Everyone from Compliance to IT speaks positively about it. They like the intuitive UI, the ability to get actionable data the moment the dashboard loads, and the fact that it's fully aware of both Microsoft and third-party vulnerabilities.

I like the "risk score," a practical alternative to the typical CVSS rating. While the CVSS score is important, Rapid7 weights their score on factors such as practicality of exploitation and active targeting in the wild. I've suggested that we prioritize remediation based on the Rapid7 risk score rather than the CVSS score.

I installed the Insight agent on a majority of our workstations, which sends data about any published vulnerability to the portal, whether in a Docker image, a third-party application, or the underlying OS. A couple customizations of the dashboard, and now we see comprehensive overview of the week's priorities at logon. It's great to have one dashboard for every environment!

The Go-To Pentesting application

Apr 15, 2019
5/5
Overall

5 / 5
Ease of Use

5 / 5
Features & Functionality
Likelihood to Recommend: 9.0/10 Not
Likely
Extremely
Likely

Pros: The ability to conduct the full range of basic (and some advanced) penetration testing phases and techniques from within one application makes this the first port (pun intended) of call when initiating a report. Utilising the thousands of existing, and daily generated, custom-made add-ons makes this completely future-proof too. If there's still something missing, write yourself a script and import that too!

Cons: As a technical tool, it is not for the typical Windows user - this therefore necessitates a technical mindset to get it up and running and begin use. Arguably, given how powerful this tool can be, this is a good thing and it keeps it out of the hands of most people. However, it can make the use of some of the advanced functionality annoying if you're not a regular user, having to relearn each time.

Overall: It's as close to a one-stop pentesting application as it's possible to have. Recconnaisance, Access, Payload, Closure - all within one application. Sure, other applications and skills are necessary to carry out the most comprehensive report but this is the place to start.

A great vulnerability scanner from a know vendor.

Dec 22, 2017
5/5
Overall

3 / 5
Ease of Use

5 / 5
Features & Functionality

3 / 5
Customer Support

3 / 5
Value for Money

Pros: A very good vulnerability assessment scanner with a long reliable history. The reports are well presented and deliver relevant information. Discovery and special scan are appreciated.

Cons: The install and setup is not as easy as you might hope for this day and age. Price can be a bit of a turn off, even if it is worth it.

A powerful scanner with useful reports, but ideal for a larger business with a more complex network

Mar 19, 2018
4/5
Overall

4 / 5
Ease of Use

5 / 5
Features & Functionality

5 / 5
Customer Support

4 / 5
Value for Money
Likelihood to Recommend: 6.0/10 Not
Likely
Extremely
Likely

Pros: As an accounting firm with multiple offices, we invested in this program to help us protect client information. Nexpose is a detailed and accurate scanner, and it presents professional reports on a regular basis.

Cons: Though it's a wonderful program, for our small business the price was difficult to justify. We also felt the installation process was a little difficult.

Overall: Solid customer support, clean interface, helped to make us aware of possible data breaches

Rapid7

Feb 12, 2019
5/5
Overall

4 / 5
Ease of Use

4 / 5
Features & Functionality

5 / 5
Value for Money
Likelihood to Recommend: 10.0/10 Not
Likely
Extremely
Likely

Pros: Easy to use. Deployment was easy as well. Rapid7 is a very reputable organization and forefront of Cyber Security. I was able to find vulnerabilities I was looking for but the bonus was the stuff I did not have in mind. For instance, I did not consider APCs and other ancillary appliances.

Cons: Reporting can be better i.e. focused reports associated with Cyebr Security Frameworks like NIST etc.

Overall: Great experience overall.. Will use it again. The support and sales teams helps you along the way.

Bloated NMAP scanner

Jan 26, 2017
1/5
Overall

2 / 5
Ease of Use

1 / 5
Features & Functionality

1 / 5
Customer Support

1 / 5
Value for Money

Pros: Absolutely nothing at this point.

Cons: Doesn't work. Tech support horrible. Accessing logs horrible. Just overall terrible software.

Overall: 1. Tech support is awful. Just god awful. I installed their appliance OVF's. They also have direct Linux and Windows installers if you prefer to load your own OVF's. Every single case I submit, I say I am running the Nexpose Appliance. Every single time they ask me what I am running (Windows or Linux). Are they just that dumb over there?

2. Scans die. I did my initial discovery scans. Worked OK at most sites except a couple which kept dying. I ran them a couple times and they finally finished. I didn't bother calling support. See #1 above for why. I then tried to run initial Full Audit scans. Only one of my 8 sites completed. I can't wait to call tech support to find out!! LOL

This is not a cheap product. It works so poorly that it is quite disgusting. It is VERY obvious that the internal processes at Rapid7 are horrible at best. I'm going to ask for my money back and go with another product. Note: Too bad I couldn't demo this product firsthand (try before you buy) but Rapid7 is very inflexible in that manner.

Recommendations to other buyers: Don't buy it.

Awesome penetration testing and deployment services

Jun 28, 2017
5/5
Overall

5 / 5
Ease of Use

5 / 5
Features & Functionality

5 / 5
Customer Support

5 / 5
Value for Money
Likelihood to Recommend: 10.0/10 Not
Likely
Extremely
Likely

Pros: What I like most the ease of deployment and use. Their Nexpose Vulnerability Scanning tool was fully deployed on just one call.

Overall: One of the most essential benefits of this software is there Jira integration. This feature has saved our team a lot of time.

IT Administrator

Nov 07, 2016
3/5
Overall

3 / 5
Ease of Use

3 / 5
Features & Functionality

Comments: Monitoring and maintaining computer systems and networks.

Troubleshoot and resolve hardware, connection, printer and software issues reported to the Service Desk.

Update network applications as required.

Maintain daily tape backup and off-site tape storage.

Provide support to the Technology team.

Monitor and control servers, server configuration and upgrades.

Installing and configuring computer hardware operating systems and applications.

Talking staff/clients through a series of actions, either face to face or over the telephone.

Troubleshooting systems, servers and network problems and diagnosing and solving hardware/software faults.

Replacing parts as required.

Setting up new users accounts and profiles and dealing with password issues.

IT Security &Controls: by maintaining users ID security administration files. Creates users\mailboxes, deletes\modifies user accounts, and resets lost

We used to use this scanner and it was ok.

Mar 07, 2018
3/5
Overall

3 / 5
Ease of Use

3 / 5
Features & Functionality

3 / 5
Customer Support

4 / 5
Value for Money
Likelihood to Recommend: 6.0/10 Not
Likely
Extremely
Likely

Pros: The scanner was a decent scanner. We liked the scanner because it was able to do the scanning we needed for a good price. It was also easy to use for functionality.

Cons: The software was not as robust as the new scanner that we use but it was less in terms of cost so that was expected.

A really great tool for security awareness

Oct 12, 2017
5/5
Overall

3 / 5
Ease of Use

4 / 5
Features & Functionality

3 / 5
Customer Support

3 / 5
Value for Money

Pros: A really extensive tool for network scanning when combined with Metasploit.

A well thought out GUI and report system

Cons: Price is a bit on the expensive side when the market is so full of alternatives.

Can be a bit intimidating to setup and install.

Security software

Oct 06, 2016
5/5
Overall

5 / 5
Ease of Use

5 / 5
Features & Functionality

5 / 5
Customer Support

5 / 5
Value for Money

Comments: Very easy to use! Extensive list of products and companies in the database available at your fingertip.