Rapid7 InsightVM Review

With an effective dashboard, it gives us visibility into people using VPNs


What is our primary use case?

Our primary use case is looking for people who are using Tor, or VPNs generally, and the only way we can see that is if they log in and then they log in in a foreign country right away, which means they're jumping on to the "escalator".

How has it helped my organization?

We really didn't have any visibility at all and now we do. It's like night and day.

What is most valuable?

NeXpose is a pretty good vulnerability scanner, good enough. There's a nice dashboard and it's a pretty cool SIEM.

What needs improvement?

We could always have a cheaper price, but other than that it's pretty good stuff.

Also, if they’d expand their product line, that would be good, and they are doing so, but they're not done yet.

What do I think about the stability of the solution?

Stability is rock solid.

What do I think about the scalability of the solution?

We're at a pretty big scale already. I don't expect us to get any bigger and it's handling our scale now. If anything, we’ll probably shrink.

We're a school district and, in this area, there are three big districts, and they have open enrollment. We're not on the marketing end of our school district. If the marketing doesn't do well, we’ll shrink.

How is customer service and technical support?

Tech support is satisfactory.

Which solutions did we use previously?

Last year got a new person in the position of information security officer, and he brought the news with him.

We went with NeXpose because we wanted to get as many products as we could from the same vendor. A full suite would have been fantastic, but that doesn't exist yet. Rapid7 had the vulnerability scanner, the penetration testing, and the SIEM, and the web app evaluator. They're adding other things. They acquired another company recently that will benefit us if we get that product. It's the all-in-one works we like.

My most important criterion when selecting a vendor is that they have to have a purchasing vehicle that is approved for school districts. It's harder than it sounds. We can't just say, "We want that, send us a bill."

How was the initial setup?

It's easy to install.

Which other solutions did I evaluate?

We started with SentinelOne, we looked at CrowdStrike, we looked at Red Canary. The funny thing was, Red Canary was just remarketing CrowdStrike, or something like that. It got to a point where I realized these weren’t additional vendors. They were just additional packagers of the same solution.

What other advice do I have?

Take a test drive. If you don't test drive it, how do you know you're going to like it or if it even works. Would you buy a car without test driving it? Absolutely not. In this case, it’s a sales contract. It's a service for one to three years. Backing out of it is pretty much impossible.

I rate it at eight out of 10. It just works. We haven't had any trouble with it. We've had good support. What's not to like? But it's an eight because the software that can be purchased is not the ultimate software. It's hard to give anybody a 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Try It For Yourself

Get your 30-day free trial 

Add a Comment
Guest

Sign Up with Email