We need to stand parallel to our competition, meeting the market and user demands. We should ensure the tools we leverage within our environment are up to the market. Apart from Rapid7 ICS, there are a lot of other tools available in the market which are also agentless. Most other solutions work on the API level, where you use the API to integrate them and perform the scans. As for privileged access in Rapid7, you sometimes require privileged access to perform automatic remediations, which could be something that most customers are not comfortable with since they would not want someone outside their company to grant privileged access. Considering Rapid7 ICS' shortcomings, Rapid7 is working on the same. But there are a lot of other competitors in the market providing better features. When it comes to keeping an eye on PII data, which is very sensitive, Rapid7 ICS does not detect if it is in the cloud resources. But other vendors' products could detect that. That feature is based on which one can compare Rapid7 with other tools. People are still in the phase of developing most of the features. They might have Rapid7's documentation with them, but those require some prerequisites if you want to understand them. If you're a vendor and do not know anything, you must learn some things without directly jumping to the documentation part. Rapid7 ICS is good, considering the number of features they provide. But that depends on your and the company's requirements. If the company just wants a tool that acts as a CSPM, Rapid7 ICS can be helpful. But if the company wants to not only buy a CSPM tool but wants a CSPM-cum-CNAPP, Rapid7 ICS is lacking in those areas. There are a lot of pros and cons, but Rapid7 ICS is doing well as of now. I rate the solution a six out of ten.
Detect cloud risk immediately with real-time, agentless visibility into everything running across your entire environment. Know exactly which risk signals to prioritize thanks to complete context, with the broadest and deepest coverage across major cloud platforms. Enforce organizational standards, streamline the remediation process, and fix compliance drift immediately with native, no-code automation.
I rate the overall product an eight out of ten.
I rate Rapid7 InsightCloudSec an eight out of ten.
We need to stand parallel to our competition, meeting the market and user demands. We should ensure the tools we leverage within our environment are up to the market. Apart from Rapid7 ICS, there are a lot of other tools available in the market which are also agentless. Most other solutions work on the API level, where you use the API to integrate them and perform the scans. As for privileged access in Rapid7, you sometimes require privileged access to perform automatic remediations, which could be something that most customers are not comfortable with since they would not want someone outside their company to grant privileged access. Considering Rapid7 ICS' shortcomings, Rapid7 is working on the same. But there are a lot of other competitors in the market providing better features. When it comes to keeping an eye on PII data, which is very sensitive, Rapid7 ICS does not detect if it is in the cloud resources. But other vendors' products could detect that. That feature is based on which one can compare Rapid7 with other tools. People are still in the phase of developing most of the features. They might have Rapid7's documentation with them, but those require some prerequisites if you want to understand them. If you're a vendor and do not know anything, you must learn some things without directly jumping to the documentation part. Rapid7 ICS is good, considering the number of features they provide. But that depends on your and the company's requirements. If the company just wants a tool that acts as a CSPM, Rapid7 ICS can be helpful. But if the company wants to not only buy a CSPM tool but wants a CSPM-cum-CNAPP, Rapid7 ICS is lacking in those areas. There are a lot of pros and cons, but Rapid7 ICS is doing well as of now. I rate the solution a six out of ten.