Skip to main content
TrustRadius
Rapid7 InsightVM

Rapid7 InsightVM
Formerly Nexpose

Overview

What is Rapid7 InsightVM?

InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also…

Read more
Recent Reviews

TrustRadius Insights

Rapid7 NeXpose is widely used across organizations for various use cases related to vulnerability management and security assessment. With …
Continue reading
TrustRadius Insights
TrustRadius Insights

Expose on Nexpose

8 out of 10
June 21, 2017
Incentivized
Nexpose from Rapid7 is a vulnerability scanner that supports the vulnerability management lifecycle. It addresses discovery, detection, …
Continue reading
Read all reviews
Return to navigation

Pricing

View all pricing

Log Management

$19

Cloud
per GB

Vulnerability Management

$22

Cloud
per asset

insightIDR

$52

Cloud
per asset

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Product Demos

Rapid7 InsightVM - Managing Remediation Activities for Discovered Vulnerabilities Lab Demo

YouTube

PrintNightmare and HiveNightmare Vulnerability Assessment with Rapid7 InsightVM - Lab Demo 5

YouTube

Rapid7 InsightVM - Security Console Features Lab Demo 3 by Jovo

YouTube

Rapid7 InsightVM –Vulnerability Analysis, Reporting & Dynamic Assets Filtering - Lab Demo 6 by Jovo

YouTube

Rapid7 InsightVM Walkthough Demo Rapid7 InsightVM Architecture and Components Session 1

YouTube
Return to navigation

Product Details

What is Rapid7 InsightVM?

Rapid7 InsightVM Video

Overview Video: InsightVM

Rapid7 InsightVM Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also offers advanced remediation, tracking, and reporting capabilities not included in Nexpose.

Reviewers rate Automated Alerts and Reporting and Configuration Monitoring highest, with a score of 8.7.

The most common users of Rapid7 InsightVM are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(74)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Rapid7 NeXpose is widely used across organizations for various use cases related to vulnerability management and security assessment. With its powerful scanning capabilities, it allows users to discover vulnerabilities in their infrastructure, including cloud-based servers. Many users implement NeXpose as a pentesting tool to scan sensitive servers and identify weaknesses that could potentially be exploited by hackers. This helps organizations proactively address vulnerabilities before they can be exploited, enhancing overall security posture. Users have found NeXpose to be valuable for vulnerability scanning of both current assets and new build servers, providing asset owners with weekly reports to track trends and prioritize remediation efforts. Security consultants also rely on NeXpose for performing vulnerability assessments for their clients, leveraging its robust features such as risk classification, impact analysis, and reporting.

In addition to vulnerability management, Rapid7 NeXpose is often utilized for meeting regulatory requirements, such as PCI compliance. Organizations leverage the tagging features of NeXpose to easily sort scans and reports for different asset owners or teams, streamlining the vulnerability management process. Furthermore, the software serves as the primary vulnerability scanner across the organization, acting as the source of truth for identifying current vulnerabilities in the environment. It supports the discovery and assessment of devices on networks, encompassing physical servers, virtual servers, and cloud-based servers. Another notable use case is its integration with Rapid7 InsightVM, allowing centralized compliance and vulnerability management by scanning services or devices in the network and generating comprehensive reports on vulnerabilities and remediation actions.

Overall, Rapid7 NeXpose provides organizations with a reliable solution to discover vulnerabilities, mitigate risks, and maintain a strong security posture through regular scanning and assessment of their infrastructure.

Attribute Ratings

Reviews

(1-11 of 11)
Companies can't remove reviews or game the system. Here's why
January 13, 2023

Rapid7 InsightVM Review !

Verified User
Professional in Information Technology
Financial Services Company, 5001-10,000 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Likelihood to Recommend
Rapid7 InsightVM is well suited for large enterprises where it automatically detects new devices and start scanning it. So it completely eliminates the dependency of manually adding newly added services / devices for the scanning. Even same goes for the devices which are decommissioned. No need of manually removing it. So this way, it works very well with large enterprises as a Centralized tool for vulnerability and compliance management.
January 09, 2023

A leader tool for pentesting

Verified User
Engineer in Engineering
Computer Networking Company, 1001-5000 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Likelihood to Recommend
Rapid7 InsightVM is perfect for a scenario where IT admin or CISO wants to scan its infrastructure to be sure that there is no vulnerability that could be exploited from outside or inside the company. It also could be used to automate patching and dealing with vulnerabilities. It's also adapted for users that need cloud security management
August 24, 2021

Great source of truth for vulnerabilities

Verified User
Analyst in Information Technology
Hospital & Health Care Company, 10,001+ employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Likelihood to Recommend
For highly detailed reports of vulnerabilities in an environment, Rapid7 InsightVM (Nexpose) is top-notch. The data is easily manipulated to get the results you are looking for. Setting up groups for active scans on a schedule has been a great help as well as the ad-hoc reports for any new vulns being reported.
February 13, 2020

Rapid7 Nexpose, not all it's cracked up to be

Verified User
Analyst in Finance and Accounting
Financial Services Company, 1001-5000 employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Likelihood to Recommend
  • Works well most of the time for even large enterprise organizations, but takes a lot of care and feeding to ensure it's running properly.
  • We have had several issues with 'ghost machines' not updating and continue to report on IP's with no devices attached.
  • Could use better filtering and reporting built-in and more customized options.
September 26, 2019

A very good vulnerability scanner.

Verified User
Consultant in Information Technology
Information Technology and Services Company, 51-200 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Likelihood to Recommend
Being a vulnerability scanning tool, Rapid7 Nexpose is very well suited to perform vulnerability scans and document the scan results. Rapid7 Nexpose is well suited if someone wants to perform the credential/authentication scan for assets like public IP addresses. However, I think it is not appropriate when accurate scan results are required because of the number of false positives it provides.
May 15, 2018

NeXpose - Its almost there

Verified User
Engineer in Information Technology
Non-Profit Organization Management Company, 501-1000 employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Likelihood to Recommend
All in all, it's a great vulnerability management platform and would work for most companies looking for a straightforward solution. We rely heavily on integration and automation and it has room for improvement there. We would like it to connect to applications out of the box or vendor supported rather than creating those connectors in-house.
May 14, 2018

Dream or nightmare. Flip a coin.

Verified User
Analyst in Information Technology
Oil & Energy Company, 1001-5000 employees
Score 5 out of 10
Vetted Review
Verified User
Incentivized
Likelihood to Recommend
When it works, its a fantastic tool with plenty of value to spare. When it doesn't work, its a time sucking money pit of despair. I've used the data to prove other systems were not reporting correctly. I could count systems by type faster than any other inventory system. I could find how many machines had a specific version of software in minutes. I've also lost weeks of time trying to get scans to run consistently. We've lost months of data from failure. Its a 50/50 crap shoot. Are you willing to put up with problems for fantastic data? It could work perfectly for you. It could also be a brick.
June 21, 2017

Expose on Nexpose

Verified User
Manager in Information Technology
Maritime Company, 201-500 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Likelihood to Recommend
Rapid7 is well suited for security operations teams and includes an ability to tie almost anything into it via the Ruby API. The reporting provides prioritization of results which easily directs the team to get the quickest security gains with the least amount of effort, "apply this patch to remediate this amount of vulnerabilities on this device."
August 02, 2016

Unleashed more advanced features and automation with scripting and SQL

Verified User
Engineer in Information Technology
Retail Company, 10,001+ employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Likelihood to Recommend
This is NOT a point-and-click product.
Rapid7 NeXpose is well suited for company or team have member(s) with scripting and SQL skills. You may find some features missing or it is not working the way you want from time to time. It is great that Rapid7 open the products' API, and maybe they know their product is NOT perfect nor suit everyone's need. The API can allow you to do more advanced work like automation, but if the team who use or manage it does not has member proficient in scripting or SQL query, it maybe frustrated to just purely going through the GUI or wait the support for solution.
Return to navigation