We just raised a $30M Series A: Read our story
IS
Enterprise ICT Security Architect at a tech services company with 1-10 employees
Real User
Top 20
Good scalability, reporting, and technical support

Pros and Cons

  • "We are very satisfied with the reports, as they provide us with the information that is required for our management."
  • "There have been instances where technical support takes a long time to update the status of a ticket, which is something that can be improved."

What is our primary use case?

The primary use is to protect against cybersecurity attacks in your digital infrastructure. One example of such an attack is credential-grabbing.

What is most valuable?

We have put in some requests for enhancements and they are listening quite well. When there is something that we want to have enhanced then we can easily chat with the people at Rapid7. If it makes sense and another customer thinks that it makes sense then it will be built into the next release.

We are very satisfied with the reports, as they provide us with the information that is required for our management. You can perform the queries that you need.

What needs improvement?

There have been instances where technical support takes a long time to update the status of a ticket, which is something that can be improved.

For how long have I used the solution?

I have been using this product for about two and a half years.

What do I think about the stability of the solution?

The stability is okay.

What do I think about the scalability of the solution?

In terms of scalability, this product is awesome. We have more than 5,000 users and we plan to increase our usage in the future.

How are customer service and technical support?

The technical support is very nice. They are good and they listen to the customers, which is very important in my opinion.

There is always a demand for technical support to be faster. That said, I think it is much more important to have quality and communication. If I am going to be updated during the course of the case that is running, then that is okay with me. Also, as long as the quality stays in the system and they keep on improving, I am satisfied.

Which solution did I use previously and why did I switch?

We switched to Rapid7 because we were not satisfied with our previous solution. It was not up to par in terms of our needs and standards.

How was the initial setup?

The initial setup is very straightforward and not complex at all. Our deployment took about three months.

This is mostly a cloud-based solution that works with the assistance of agents and collectors.

What about the implementation team?

We implemented and deployed this product on our own.

What's my experience with pricing, setup cost, and licensing?

The licensing is asset-based and very straightforward.

What other advice do I have?

Overall, this is a product that I am very satisfied with.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
FA
Senior Consultant at a tech services company with 11-50 employees
Real User
Top 5
Good visibility in the event of an attack

Pros and Cons

  • "When it comes to the process, installation is very easy and does not take long."
  • "All products have room for increased security and Rapid7 InsightVM is no exception."

What is our primary use case?

The solution is similar to Tenable, but Rapid7 also comes with Insight - Detection and Response, which integrates with InsightVM. This alerts the customer in the event of an attack or updates him about the status of a vulnerability. The solution provides increased visibility in the environment when integrating between these two products. 

What needs improvement?

All products have room for increased security and Rapid7 InsightVM is no exception. This is why I do not give a perfect score to any product on principle. 

For how long have I used the solution?

We have been using Rapid7 InsightVM for a couple of months.

What do I think about the stability of the solution?

The solution is stable. 

What do I think about the scalability of the solution?

The solution is scalable. 

We have plans to increase its usage.

Which solution did I use previously and why did I switch?

I have some experience with Tenable Nessus, although I did not use it on a professional basis. 

How was the initial setup?

When it comes to the process, installation is very easy and does not take long. As a matter of course, installing a VM and connecting to a portal is easy. That is all that is needed. Time-wise, this may take an hour. Once the portal and scanner are connected one can start getting the environment. 

What's my experience with pricing, setup cost, and licensing?

The license is annual and this is the optimal approach when it comes to most software. 

What other advice do I have?

The solution is hybrid, meaning that if installation is required it must be done on the environment itself, on-premises, the portal being cloud-based. 

The solution has very good integration, so I see no need for improvements in this regard at present. 

I have no issues with the stability, security, user interface, reporting, monitoring board or Techstar reports. These are all good. 

The documentation is quite detailed and straightforward. It is provided to me via the internet. 

Off the top of my head, I cannot think of anything needing improvement.

We have a single customer who is utilizing the solution, but he makes use of IDR, not IVM.

I would recommend the solution to others.

I rate Rapid7 InsightVM as an eight out of ten. 

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Learn what your peers think about Rapid7 InsightVM. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
554,148 professionals have used our research since 2012.
Zain Rehman
Senior Security Analyst at a financial services firm with 1,001-5,000 employees
Real User
Top 20
We have fewer false positives when using it

Pros and Cons

  • "We feel the interface is very good. It is very easy to use, even a nontechnical person can use it."
  • "The reporting has room for improvement. You cannot customize any report. If I need a specific requirement, I have to create a new report for it."

What is our primary use case?

We are using the solution for configuration review and vulnerability management.

I am using the latest version.

How has it helped my organization?

We have fewer false positives.

What is most valuable?

We feel the interface is very good. It is very easy to use, even a nontechnical person can use it.

What needs improvement?

The reporting has room for improvement. You cannot customize any report. If I need a specific requirement, I have to create a new report for it. I cannot pull up two or three things in one report.

For how long have I used the solution?

Three years.

What do I think about the stability of the solution?

It is stable. For the last three years, we haven't faced any bugs.

What do I think about the scalability of the solution?

It's very easily scalable. You just have to renew your license, and the scalability is already done.

Currently, we have three people who are use the solution. We manage this solution for the whole organization.

How are customer service and technical support?

The technical support is very helpful, but too slow. Overall, it usually takes 24 hours for them to reply, but the support that they provide is good.

How was the initial setup?

It's very straightforward. The deployment took less than an hour.

What about the implementation team?

We implemented it on our own.

What's my experience with pricing, setup cost, and licensing?

The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization.

We have 600 to 700 licenses.

Which other solutions did I evaluate?

We tested two to three solutions where we had a couple of false positives. 

Rapid7 InsightVM has very low false positives, so you don't have to go in manually and verify them. This solution is efficient.

What other advice do I have?

I would recommend the product. The product is very good.

I would rate the product between a nine and a nine point five (out of 10).

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Layth Mansour
Information Security Officer at Umniah
Real User
Top 5
It's smarter and more accurate from an application perspective

Pros and Cons

  • "Using Rapid7, we can install a scan engine, we can do our VPN connections, and we can conduct internal scans of remote sites. We prefer the web application. It's smarter and more accurate from an application perspective."
  • "The integration with other solutions like JIRA could be better. Perhaps there could be some additional updates in the next phase that could integrate with it, so then you can proceed with the VT much easier."

What is our primary use case?

We use a hybrid setup. Some dashboards and configurations are uploaded to the Cloud, and some of them are on-premises. The main engine is on-premises. We have about 12 customers and some of them are big companies. 

What is most valuable?

There are a few main features that we are very happy with. Using Rapid7, we can install a scan engine, we can do our VPN connections, and we can conduct internal scans of remote sites. We prefer the web application. It's smarter and more accurate from an application perspective.

What needs improvement?

The integration with other solutions like JIRA could be better. Perhaps there could be some additional updates in the next phase that could integrate with it, so then you can proceed with the VT much easier.

For how long have I used the solution?

I've been using Rapid7 for about two years.

What do I think about the scalability of the solution?

From a scalability standpoint, it's good because they give you around 100%. If you want to increase your asset counts, for example, they give you permission for 100% above the limit that you pay for.

How are customer service and technical support?

Their support is very good. Technical support varies from person to person. Some cases have taken some time, but once it was escalated, everything was done well and the problem was solved. We've had some cases involving integration, remote sites, and some special configurations. They provided us with some support on all that.  

How was the initial setup?

It's straightforward. Everything is like setting up Lego cubes. It doesn't take much time to deploy. The first deployment may take around an hour or two.

What's my experience with pricing, setup cost, and licensing?

The license could be a little bit cheaper. For all these features, you would expect to pay a little bit lower but around the same general price. Licenses are paid yearly. For some customers, we pay two years at a time, but mostly it's yearly.

What other advice do I have?

I would rate it nine out of 10.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
JV
Cyber Security Engineer at a manufacturing company with 5,001-10,000 employees
Real User
Top 5
Good reporting, useful automation features, and has good technical support

Pros and Cons

  • "It's a relevant management tool."
  • "I would like to see more integration."

What is our primary use case?

We use this solution for our internal server for scanning. We can scan for vulnerabilities and locate them.

We also generate reports for the patching team. We assign tasks to the patching team.

What is most valuable?

It's a relevant management tool. 

It has some useful automation features. The report generating and the scanning are very helpful.

What needs improvement?

It would be very helpful to have integration. There are many plugins that can be used for tasks that would help the visibility and be able to locate the exact problem.

I would like to see more integration. 

I would also like to see more flexibility when scheduling the scans. We should be able to schedule scans when we want them to be scheduled. Currently, they have to be scheduled before a certain day of the week.

For how long have I used the solution?

I have been using Rapid7 InsightVm for six months during my internship.

What do I think about the stability of the solution?

Rapid7 InsightVM is a stable product.

What do I think about the scalability of the solution?

We have no issues with the scalability of this solution. We have a vulnerability management team of four who are using it, and in our organization, we have approximately 20 people, including management.

How are customer service and technical support?

Technical support is good.

Which solution did I use previously and why did I switch?

I have used Tenable Nessus previously for my personal projects. I used it for scanning for my projects in college.

How was the initial setup?

I was not involved in the installation. It was already installed previously.

What's my experience with pricing, setup cost, and licensing?

Licensing fees are paid on a yearly basis.

What other advice do I have?

I would recommend this solution to others, but more integration features would be more helpful.

I would rate Rapid7 InsightVM an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Pongtosaporn Junlobol
Vice President at INET Managed Services Co.,LTD.
Reseller
Great scanning capabilities, fast, powerful, easy to access

Pros and Cons

  • "It's easy to use. It's fast, it's a powerful easy to access tool."
  • "The InsightVM cannot scan if we connect to our customer by the VPN."

What is most valuable?

InsightVM is good. It's easy to use. It's fast, it's a powerful, easy to access tool.

What needs improvement?

I have had some difficult problems with InsightVM. The InsightVM cannot scan if we connect to our customer by the VPN. I asked the Rapid7 support, they told me that the InsightVM can only work on the same network. We cannot use InsightVM by VPN. It also consumes a lot of memory. It would be good if they could resolve that.

For how long have I used the solution?

We worked with Rapid7 InsightVM for one year.

What do I think about the stability of the solution?

It is very stable, but it consumes a lot of memory.

What do I think about the scalability of the solution?

Scalability is good on the same network but not if you have to connect to another network.

How are customer service and technical support?

I think the support is okay. They responded very quickly, and it was sufficient.

How was the initial setup?

InsightVM is Window-based. It is easy to install and easy to use.

What about the implementation team?

It took us about half a day to set up. When we bought from the distributor in Thailand, the distributor sent an engineer to install and explain how to use it and how to customize the report.

Which other solutions did I evaluate?

My team uses a small tool such as Tenable Nessus and Rapid7 InsightVM, but when we use both tools and compared the report, Tenable Nessus is very easy to consolidate, to expand to our customer, but InsightVM is very difficult. We would have to cancel it to explain the daily part to our customers.

What other advice do I have?

I would recommend having the distributor help you to explain how this software works and to help with the details. I would rate it at an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Davide Baudanza
CoFounder & Head of Technology at intuity
Real User
Top 5
Professional support, absolutely stable, and easy to use and deploy

Pros and Cons

  • "I really love the new platform. It is really easy to understand, use, and deploy."
  • "It would be great to have a mobile application client. Currently, you have to use a mobile web browser on a device, but it is not similar to the desktop web browser in terms of user experience. It would be nice to have a mobile application to access the platform."

What is our primary use case?

We are using InsightVM for vulnerability management services. We use it for providing professional services to our customers, and we also use it for our internal use.

We do on-premises and cloud deployments.

What is most valuable?

I really love the new platform. It is really easy to understand, use, and deploy. 

Their support is very professional and good at troubleshooting issues.

What needs improvement?

It would be great to have a mobile application client. Currently, you have to use a mobile web browser on a device, but it is not similar to the desktop web browser in terms of user experience. It would be nice to have a mobile application to access the platform. 

It would be nice to have someone in the technical support team who speaks Italian. 

For how long have I used the solution?

We have been in a partnership with Rapid7 for five years.

What do I think about the stability of the solution?

It is absolutely stable.

What do I think about the scalability of the solution?

It is scalable. We have 40 customers who are using this solution.

How are customer service and technical support?

Their technical support is great, but it would be nice to have someone in the technical support team who speaks Italian. 

We speak Italian with Safeguy. So, sometimes, Safeguy's technical teams also help us.

How was the initial setup?

Its initial setup is easy and quick. We are typically able to deploy it in a couple of hours.

We have 15 certified and dedicated engineers to handle its deployment and maintenance.

What's my experience with pricing, setup cost, and licensing?

In some cases, we procure the licenses. In some cases, the customers directly buy the license from Rapid7.

What other advice do I have?

I would rate Rapid7 InsightVM a nine out of 10.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
ME
Senior Cyber Security Specialist at a tech services company with 1,001-5,000 employees
Real User
Top 5Leaderboard
It performs well and is stable, but it is difficult to manage

Pros and Cons

  • "The performance is good."
  • "Rapid7 could be easier to manage."

What is our primary use case?

Rapid7 InsightVM, like Tenable, is used to enforce the vulnerability management lifecycle.

We identify the assets, scan them, prioritize them, and have a remediation plan in place to address any vulnerabilities that are discovered.

A remediator scan is performed to determine whether or not the discovered vulnerabilities have been patched.

What is most valuable?

The performance is good.

What needs improvement?

Rapid7 could be easier to manage. When you compare it to other similar solutions, it is a bit difficult to manage.

The reporting could be improved.

For how long have I used the solution?

I have been using Rapid7 InsightVM for two years.

At the time that it was used, I was using the latest version.

What do I think about the stability of the solution?

The installation is simple and quick; it only takes 10 minutes to complete.

Which solution did I use previously and why did I switch?

I have used Tenable SC and Tenable.io, and you cannot compare to Tenable SC or Tenable.io with any other vulnerability solution.

Tenable has that supremacy. It is very easy to manage and very easy to understand. You don't need any prior knowledge or experience to install it; you can do it on your own. You don't need any additional assistance or help through a search on how to install or scan your assets.

Tenable has a very powerful reporting engine but needs to be enhanced.

What other advice do I have?

Tenable is number one, Rapid7 comes second.

I would rate Rapid7 a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Product Categories
Vulnerability Management
Buyer's Guide
Download our free Rapid7 InsightVM Report and get advice and tips from experienced pros sharing their opinions.