Rapid7 InsightVM Primary Use Case

DA
Cyber ​​Security Analyst at a tech services company with 1-10 employees

The primary use case of the solution is for network monitoring.

View full review »
Shakeel Ahmad - PeerSpot reviewer
Sr Cyber Security Consultant at Google

Our company uses the Nexpose automation tools for validity, deactivation, assessment, and penetration testing. We can easily see if something has been exposed and manually focus on or follow main vulnerabilities. 

We have 28 users and a JV license key for using the solution in our offline systems on a trial basis. 

View full review »
RW
IT Security Architect at a government with 1,001-5,000 employees

We have a few primary use cases. The main one is looking at the visibility of devices that are on our network to keep track of things as they come and go, we're looking for known vulnerabilities whether it's the operating system, network devices, mobile devices, and the like. When we find the vulnerabilities we remediate them, so it's also our job to verify that remediations have been successful. In addition, we are now beginning to get involved in setting security baselines and configuring baselines and using InsightVM to audit those configurations.

We're scanning about 6,000 devices. There are about 4,000 users in our environment, they are all IT staff. We also have technical leads from our user services, which is our workstation support, mobile devices, laptops, etc. We've got our infrastructure office which is servers and cloud administration, the IT security group, which is myself, and then our network support team and network administrators as well. It means our IT leadership gets some definite value from the reporting there. The CTO, his assistant, and all the IT managers receive their information from there as well. We have one person working in maintenance, and that's not a full-time position. 

View full review »
Buyer's Guide
Rapid7 InsightVM
March 2024
Learn what your peers think about Rapid7 InsightVM. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Christian Kyony - PeerSpot reviewer
Senior Security Engineer at DRS

We handle a lot of video equipment and Rapid7 InsightVM helps us to scan subnets, around 150,000 of them.


View full review »
SonNguyen3 - PeerSpot reviewer
Technical Manager at a computer software company with 11-50 employees

We primarily use it for inventory and vulnerability management in our environment. We also use it to identify real risks and focus on container email scanning.

View full review »
JonathanShilling - PeerSpot reviewer
System Analyst II at a energy/utilities company with 1,001-5,000 employees

I don't use this solution directly because I'm not a security admin, but my use case is checking servers against it to see what our patching penetration looks like and whether there are any vulnerabilities that need to be cleared up. We are customers of Insight VM.

View full review »
AP
IRM Technical Consultant at Shell

We implemented it to scan all the assets. In terms of deployment, in my previous organization, it was deployed on-prem, but in my current organization, it is on the cloud.

View full review »
DS
Cyber Security Architect at a healthcare company with 11-50 employees

Our company uses the solution to discover, identify, and patch vulnerabilities or disable certain services. The solution provides the patch recommendations that we implement via another tool. 

Four team members manage the solution internally and for various clients who each have fifty users. 

View full review »
Andrei Bigdan - PeerSpot reviewer
Executive Manager at B2B-solutions.pro

With InsightVM, I continuously monitor my network by setting up regular scans to identify vulnerabilities in real-time. It IS particularly useful for focusing on customer-facing systems at our perimeter, helping me prioritize and quickly address any security risks.

View full review »
AD
IT Manager at a aerospace/defense firm with 10,001+ employees

We use the solution for vulnerability management. We perform scanning and security patching in selected network zones utilizing it.

View full review »
Agustinus DWIJOKO - PeerSpot reviewer
Network & Security Engineer at PT. Centrin Online Prima

There are so many cases for InsightVM. It's used for customers that need the ICS compiler or if they need users to work from home right now. It allows them to manage assets from anywhere. 

View full review »
ES
Owner at Sidif Del Caribe Corporation

We are system integrators. Our clients normally use it to detect vulnerabilities in terms of a lack of patches in certain systems and databases. Its console can be installed on-premise or on the Rapid7 data center.

View full review »
ME
Chief Executive Officer at a outsourcing company with 11-50 employees

The main purpose for using Rapid7 InsightVM is vulnerability management and visibility.

View full review »
KM
Head of Cyber security analysis at DNV Poland Sp. z o.o.

I use InsightVM for vulnerability scanning, to follow up that patching is done properly, and to control operational teams and ensure they're doing their job.

View full review »
SH
Head of Cyber Security at a tech services company with 51-200 employees

The core domain use of the solution is verification, scanning, and finding out the vulnerabilities in real time.

View full review »
TW
Cybersecurity Consultant at a wholesaler/distributor with 51-200 employees

I'm helping customers manage vulnerabilities in their organization. It's for vulnerability scanning. 

View full review »
BV
Security Specialist at a financial services firm with 1,001-5,000 employees

We use Rapid7 InsightVM to increase vulnerability scanning, which is why we tried Qualys as well.

View full review »
it_user1152534 - PeerSpot reviewer
Information Security Senior Expert (Founding member, African Cybersecurity Center) at a financial services firm with 10,001+ employees

The primary use case of this solution is for critical business applications for the web. We have also implemented it to identify when we are changing and an older system like the application client-server, the server two, the network equipment like switch routers, and security solutions.

View full review »
MuhammadMurtaza - PeerSpot reviewer
Information security engineer at CYBERISK

It's a vulnerability scanning tool utilized within the vulnerability management process. We employ it to conduct internal vulnerability assessments of company or organizational host IPs.

View full review »
KW
IT Security Engineer

We primarily use the solution for vulnerability management and monitoring the progress of the remediation process.

View full review »
Muhammad Ali Aziz - PeerSpot reviewer
Senior Manager Cyber Security Services & Solutions at Trillium

InsightVM is mainly used for vulnerability management.

View full review »
JE
Information Technology Security Specialist at Digitaltrack

We primarily use the solution for scanning. It will support the agent and collect scanning information on particular hotspots. 

View full review »
LM
Information Security Officer at Umniah

We use a hybrid setup. Some dashboards and configurations are uploaded to the Cloud, and some of them are on-premises. The main engine is on-premises. We have about 12 customers and some of them are big companies. 

View full review »
JS
Director of Information Technology at a government with 201-500 employees

The solution is primarily used for vulnerability management, specifically vulnerability scanning of the endpoint devices.

View full review »
ZR
Senior Security Analyst at a financial services firm with 1,001-5,000 employees

We are using the solution for configuration review and vulnerability management.

I am using the latest version.

View full review »
FH
Senior manager at Software Productivity Group

We use the solution for vulnerability management of our on-cloud environments.

View full review »
SK
Service Delivery Manager at a security firm with 11-50 employees

We primarily use the solution for vulnerability management.

View full review »
DM
Security Analyst at Zavarovalnica Triglav dd

The primary use case of this solution is for vulnerability management.

We have monthly scans and reporting. The results are in QRadar, which is our SIEM.

View full review »
JV
Cyber Security Engineer at a manufacturing company with 5,001-10,000 employees

We use this solution for our internal server for scanning. We can scan for vulnerabilities and locate them.

We also generate reports for the patching team. We assign tasks to the patching team.

View full review »
DB
CoFounder & Head of Technology at intuity

We are using InsightVM for vulnerability management services. We use it for providing professional services to our customers, and we also use it for our internal use.

We do on-premises and cloud deployments.

View full review »
PR
Information Security Manager at a educational organization with 5,001-10,000 employees

Our primary use case is looking for people who are using Tor, or VPNs generally, and the only way we can see that is if they log in and then they log in in a foreign country right away, which means they're jumping on to the "escalator".

View full review »
AA
Material Coordinator at a energy/utilities company with 1,001-5,000 employees

We are using Rapid7 InsightVM to have a vulnerability assessment solution in our organization to overcome the audit points.

View full review »
FA
Head of Cybersecurity Assurance & Controls Director at a tech services company with 1,001-5,000 employees

I primarily using Rapid7 for vulnerability assessment and reporting.

View full review »
MH
Owner at a tech services company with 1-10 employees

We used InsightVM mainly for vulnerability management. I thought it was a pretty interesting application. I'm a fan of Rapid7's Metasploit, so when I saw InsightVM I was like, "Let's see what else they have." I liked it up until we experienced some issues relating to scans. If I wanted to do mitigation, I needed to wait until the next scan was available or ran so that I could get to see if any indentations were made. 

While I was in there, if I was searching for a specific vulnerability, sometimes it was hard to find the specific ones. In the dashboard, it'll tell you the results from the scans, and it will also tell you the vulnerabilities and it will rank them for risk. I would have liked to have been able to click on the vulnerability and it would take me to another area that just has the vulnerability with all the hosts. It wouldn't let you do that. You had to come back out of that window and go into another window and search for it. Well, you wouldn't get the same results as the number of hosts. I had to work a little bit harder to find exactly what I needed.

Within our organization, there were two of us using it. Both of us were IT analysts. One was an IT analyst III (which was me), and the other one was the IT analyst manager.

View full review »
JG
Enterprise Manager Infrastructure and Operations at McGrath RentCorp

Our primary use case for this solution is to gain insight into internal systems vulnerabilities and remediation tasks.

View full review »
PD
Assistant Engineer at Harel Mallac Technologies Ltd

We use Rapid7 InsightVM mostly for VM management.

View full review »
it_user988146 - PeerSpot reviewer
Director of Cyber Security (CISO) at a marketing services firm with 201-500 employees

In our first use case, we wanted to map the solution back to our NIS (Network and Information Systems) framework and the CIS (Center for Internet Security that publishes Critical Security Controls). That is the first part. The second part of this same use case is that we wanted to do continuous vulnerability scanning. That is we wanted to scan the complete network every month at a minimum. What we are finding out in practice is that we are scanning every week because of our network and the size of it. In the end, we are able to get even more aggressive than our original position.  

The next use case was we wanted to identify the assets that were in our environment. We can identify how many servers we have, we have identified how many desktops and laptops we have got, et cetera. To that point is where we were looking at pretty good.  

Our next use case was the obvious next step where we wanted to identify vulnerabilities. That meant identifying all the vulnerabilities from critical all the way down to the low. We needed to know what they were and how many. Also, we wanted to know how many are unique versus how many there are in total.  

We also wanted to get away from tracking vulnerabilities on spreadsheets. It was incredibly cumbersome, incredibly hard to do, and it was not efficient. The IT guys kept telling me that they did not know how to fix certain issues. So I thought we needed to do CVSS ( Common Vulnerability Scoring System) on it. They were a bit resistant to that idea. Well, I was not about to start doing that for them. So InsightVM gives us the ability now to track the issues and communicate how the remediation should occur to fix vulnerabilities.  

Then the last thing is we wanted was to have a dashboard for management. We had to have a dashboard to be able to have a CIO (Chief Information Officer) log in and find out where we sit with things. Like where do we sit with remediation where are we failing to make expected progress and things of that nature.  

Rapid7 gave us the ability to do a lot of that, and it was not a cumbersome tool to implement. It is good and fits well with pretty much all of our use case needs. It only falls short in a couple of spots.  

View full review »
Khaoula Saidi - PeerSpot reviewer
Cloud and Cyber-Security Technician at Software Productivity Group

Rapid7 allows you to scan the entire network to discover information about devices, such as the type of operating system. 

View full review »
it_user1336563 - PeerSpot reviewer
Technical Consultant at Yip Intsoi

We use the solution to scan our internal OS and applications. 

View full review »
GN
Security Engineer at a computer software company with 51-200 employees

We're mainly using this solution in-house for now and our primary use case is for Red Teaming. I'm a security engineer and we are resellers of Rapid7. 

View full review »
FA
Senior Consultant at a tech services company with 11-50 employees

The solution is similar to Tenable, but Rapid7 also comes with Insight - Detection and Response, which integrates with InsightVM. This alerts the customer in the event of an attack or updates him about the status of a vulnerability. The solution provides increased visibility in the environment when integrating between these two products. 

View full review »
TJ
IT Security Analyst at a financial services firm with 1,001-5,000 employees

We use it for vulnerability scanning.

View full review »
IS
Enterprise ICT Security Architect at a tech services company with 1-10 employees

The primary use is to protect against cybersecurity attacks in your digital infrastructure. One example of such an attack is credential-grabbing.

View full review »
MF
Infrastructure Security Architect at a comms service provider with 11-50 employees

We use Rapid7 for our vulnerability assessment. It scans the network, identifies all of the assets that are present, and then identifies all of the vulnerabilities due to non-patching those systems. Based on that, we can generate reports and make sure that those applications or servers are patched on both the operating system and application level.

View full review »
Smriti Rani - PeerSpot reviewer
System Engineer at a tech services company with 201-500 employees

We use InsightVM for capacity forecasting.

View full review »
NK
Security Team Lead at a tech services company with 10,001+ employees

It is basically used for scanning.

View full review »
AJ
Security Consultant at a tech vendor with 11-50 employees

The main use cases of Rapid7 InsightVM are finding configuration vulnerability checks and patching recommendations. These two are the main use cases that everybody's looking for.

View full review »
ME
Senior Cyber Security Specialist at a tech services company with 1,001-5,000 employees

Rapid7 InsightVM, like Tenable, is used to enforce the vulnerability management lifecycle.

We identify the assets, scan them, prioritize them, and have a remediation plan in place to address any vulnerabilities that are discovered.

A remediator scan is performed to determine whether or not the discovered vulnerabilities have been patched.

View full review »
Buyer's Guide
Rapid7 InsightVM
March 2024
Learn what your peers think about Rapid7 InsightVM. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.