What is our primary use case?
The primary use case of this solution is for critical business applications for the web. We have also implemented it to identify when we are changing and an older system like the application client-server, the server two, the network equipment like switch routers, and security solutions.
What is most valuable?
The most valuable feature for us is the different types of reporting it provides. For example, the compliance reporting, compliance with the international standard in which we are certified and compliant. This is important for us to escalate the dashboard to our top management.
What needs improvement?
We need to scan and identify the different RPGs, the critical ones and the major ones that can generate risk or a measure of risk. We generate the reporting from the system and relay the report to our internal developers. We have our internal developers in the bank.
This solution integrates with another module in Metasploit, that doesn't exist in the other solutions. It is subscribed to on our roadmap, but we chose to implement both Nexppose and AppSpider.
For how long have I used the solution?
I have been using this solution for six months.
What do I think about the stability of the solution?
This solution is stable. It's a good solution.
What do I think about the scalability of the solution?
This solution is scalable.
It takes two people to manage this solution and to be the backup for the succession plan. Our manager has access and performs audits.
How are customer service and technical support?
Technical support is good and responsive.
Which solution did I use previously and why did I switch?
In this current company, they were using Qualys and I convinced the management to change to Rapid 7.
After every event, we are required to automize with information control tools like Sandbox, IPS, and vulnerability management. All of those security tools need to be implemented and automized.
That is not the case with Rapid 7. It can be automized and we are dependant on ourselves. We can perform in having this solution customized with the confines of our text.
How was the initial setup?
The initial setup was not complex and it was easy to implement.
It took a week to prepare and install the virtual machine, and to implement the solution it took one month.
Our Regulatory requires that all banks must implement all security solutions on-premises, not on the cloud because they are worried that the data will be compromised and available on different data centers around the world.
What about the implementation team?
We had the help of an integrator to implement this solution. There were three engineers to help. One was for Nexpose and two for Appsider.
What's my experience with pricing, setup cost, and licensing?
This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important.
What other advice do I have?
Rapid 7 is a leading solution that has been implemented in many companies.
In Nexpose you have the console and the app assistant for Rapid 7. The design can be implemented in all of the segments of the network to scan, perform the scale of the scan, perform the reporting, generate the reports, and send it to the central console.
I would suggest that customers acquire this solution.
In addition to management, we are subscribed to the security dispense team and the company emergency dispense team. We always receive the bulletins, so we are always aware of the vulnerabilities.
I appreciate this solution. All of the features that are included are enough for me.
This is an excellent solution and I would rate it a ten out of ten.
Which deployment model are you using for this solution?