Skip to main content
TrustRadius
Rapid7 InsightVM

Rapid7 InsightVM
Formerly Nexpose

Overview

What is Rapid7 InsightVM?

InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also…

Read more
Recent Reviews

TrustRadius Insights

Rapid7 NeXpose is widely used across organizations for various use cases related to vulnerability management and security assessment. With …
Continue reading
TrustRadius Insights
TrustRadius Insights

Expose on Nexpose

8 out of 10
June 21, 2017
Incentivized
Nexpose from Rapid7 is a vulnerability scanner that supports the vulnerability management lifecycle. It addresses discovery, detection, …
Continue reading
Read all reviews
Return to navigation

Pricing

View all pricing

Log Management

$19

Cloud
per GB

Vulnerability Management

$22

Cloud
per asset

insightIDR

$52

Cloud
per asset

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Product Demos

Rapid7 InsightVM - Managing Remediation Activities for Discovered Vulnerabilities Lab Demo

YouTube

PrintNightmare and HiveNightmare Vulnerability Assessment with Rapid7 InsightVM - Lab Demo 5

YouTube

Rapid7 InsightVM - Security Console Features Lab Demo 3 by Jovo

YouTube

Rapid7 InsightVM –Vulnerability Analysis, Reporting & Dynamic Assets Filtering - Lab Demo 6 by Jovo

YouTube

Rapid7 InsightVM Walkthough Demo Rapid7 InsightVM Architecture and Components Session 1

YouTube
Return to navigation

Product Details

What is Rapid7 InsightVM?

Rapid7 InsightVM Video

Overview Video: InsightVM

Rapid7 InsightVM Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also offers advanced remediation, tracking, and reporting capabilities not included in Nexpose.

Reviewers rate Automated Alerts and Reporting and Configuration Monitoring highest, with a score of 8.7.

The most common users of Rapid7 InsightVM are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(74)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Rapid7 NeXpose is widely used across organizations for various use cases related to vulnerability management and security assessment. With its powerful scanning capabilities, it allows users to discover vulnerabilities in their infrastructure, including cloud-based servers. Many users implement NeXpose as a pentesting tool to scan sensitive servers and identify weaknesses that could potentially be exploited by hackers. This helps organizations proactively address vulnerabilities before they can be exploited, enhancing overall security posture. Users have found NeXpose to be valuable for vulnerability scanning of both current assets and new build servers, providing asset owners with weekly reports to track trends and prioritize remediation efforts. Security consultants also rely on NeXpose for performing vulnerability assessments for their clients, leveraging its robust features such as risk classification, impact analysis, and reporting.

In addition to vulnerability management, Rapid7 NeXpose is often utilized for meeting regulatory requirements, such as PCI compliance. Organizations leverage the tagging features of NeXpose to easily sort scans and reports for different asset owners or teams, streamlining the vulnerability management process. Furthermore, the software serves as the primary vulnerability scanner across the organization, acting as the source of truth for identifying current vulnerabilities in the environment. It supports the discovery and assessment of devices on networks, encompassing physical servers, virtual servers, and cloud-based servers. Another notable use case is its integration with Rapid7 InsightVM, allowing centralized compliance and vulnerability management by scanning services or devices in the network and generating comprehensive reports on vulnerabilities and remediation actions.

Overall, Rapid7 NeXpose provides organizations with a reliable solution to discover vulnerabilities, mitigate risks, and maintain a strong security posture through regular scanning and assessment of their infrastructure.

Attribute Ratings

Reviews

(1-4 of 4)
Companies can't remove reviews or game the system. Here's why
January 13, 2023

Rapid7 InsightVM Review !

Verified User
Professional in Information Technology
Financial Services Company, 5001-10,000 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Rapid7 InsightVM is very much useful in using as a Centralized tool or console for Compliance and vulnerability management. It scans the services or devices in your network and generates reports based on its own database. This report include all the running vulnerabilities and also it gives details on remediation of it. So it becomes very much useful for handling vulnerability management and compliance requirement.
Pros and Cons
  • Automatic Scanning of devices
  • Good reporting
  • Easy to manage
  • Costing
  • False positive findings
Likelihood to Recommend
Rapid7 InsightVM is well suited for large enterprises where it automatically detects new devices and start scanning it. So it completely eliminates the dependency of manually adding newly added services / devices for the scanning. Even same goes for the devices which are decommissioned. No need of manually removing it. So this way, it works very well with large enterprises as a Centralized tool for vulnerability and compliance management.
Most Important Features
  • Automatic device addition or removal
  • User Friendly console
  • Easy to manage
  • Good reporting
Rapid7 InsightVM Feature Ratings
Vulnerability Management Tools (5)
90%
9.0
IT Asset Realization
90%
9.0
Authentication
90%
9.0
Configuration Monitoring
90%
9.0
Web Scanning
90%
9.0
Vulnerability Intelligence
90%
9.0
Threat Intelligence (7)
87.14285714285714%
8.7
Network Analytics
90%
9.0
Vulnerability Classification
80%
8.0
Automated Alerts and Reporting
100%
10.0
Threat Analysis
80%
8.0
Threat Intelligence Reporting
90%
9.0
Automated Threat Identification
90%
9.0
Threat Recognition
80%
8.0
Return on Investment
  • It is helpful for achieving our vulnerability and compliance requirement
  • Its dashboard gives very good graphical view of report
  • As a admin, it is very much easy to manage
  • Only concern with the tool I have is its costing
Other Software Used
January 12, 2023

It has Insight for all your Enterprise

Varun Khare | TrustRadius Reviewer
Varun Khare
Senior Analyst
Western Union (Financial Services, 10,001+ employees)
Score 9 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
As a financial institution, we have to be up and running securely 24x7x365. So be online is easier with Cloud services but security is concern when you operate in Cloud environment and that is where Rapid7 InsightVM helps us. Rapid7 InsightVM help us to scan our overall infrastructure including cloud infra. here we have complete glance our vulnerability and remediation.
Pros and Cons
  • Scanning Vulnerabilities
  • Checking Missing Configs
  • Asset Management
  • Policy Assessment has improvement needed
  • Shadow IT Host
Likelihood to Recommend
Well, I would say It worked well in all aspects then Policy Assessments and Ghost Asset management. This need to improved because we are scanning many ghost host that are no longer anymore in system.
Most Important Features
  • Live Dashboarding
  • Risk Prioritization
  • Container Security
Rapid7 InsightVM Feature Ratings
Vulnerability Management Tools (5)
84%
8.4
IT Asset Realization
90%
9.0
Authentication
90%
9.0
Configuration Monitoring
90%
9.0
Web Scanning
70%
7.0
Vulnerability Intelligence
80%
8.0
Threat Intelligence (7)
81.42857142857142%
8.1
Network Analytics
80%
8.0
Vulnerability Classification
90%
9.0
Automated Alerts and Reporting
70%
7.0
Threat Analysis
80%
8.0
Threat Intelligence Reporting
80%
8.0
Automated Threat Identification
90%
9.0
Threat Recognition
80%
8.0
Return on Investment
  • Positive- Continue Monitoring
  • Positive- Great Reporting
  • Negative- Shadow IT is big mess
Alternatives Considered
There is not major changes but I would like to say Remediation process is far organised then Qualys. Easy UI and Live dashboarding is add-on.
Other Software Used
January 09, 2023

A leader tool for pentesting

Verified User
Engineer in Engineering
Computer Networking Company, 1001-5000 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
I used to use Rapid7 InsightVM as a pentesting tool. I implemented the solution on servers to test the client environment by scanning sensitive servers. The main goal is to find weaknesses and vulnerabilities in the systems that could be exploited by hackers. And then generate a report that could be used as a reference for patching the system.
Pros and Cons
  • vulnerability managment
  • applicative security
  • orchestration
  • produt implementation
  • report clearness
  • time to execute scans can be improved
Likelihood to Recommend
Rapid7 InsightVM is perfect for a scenario where IT admin or CISO wants to scan its infrastructure to be sure that there is no vulnerability that could be exploited from outside or inside the company. It also could be used to automate patching and dealing with vulnerabilities. It's also adapted for users that need cloud security management
Most Important Features
  • progress tracking
  • full network scan capability
  • patch managment
Rapid7 InsightVM Feature Ratings
Vulnerability Management Tools (5)
76%
7.6
IT Asset Realization
60%
6.0
Authentication
70%
7.0
Configuration Monitoring
80%
8.0
Web Scanning
90%
9.0
Vulnerability Intelligence
80%
8.0
Threat Intelligence (7)
70%
7.0
Network Analytics
80%
8.0
Vulnerability Classification
80%
8.0
Automated Alerts and Reporting
90%
9.0
Threat Analysis
90%
9.0
Threat Intelligence Reporting
N/A
N/A
Automated Threat Identification
70%
7.0
Threat Recognition
80%
8.0
Return on Investment
  • less attackes good be succefull
  • less investment on audit and external pentesting resources
  • fully automated solution with few human interaction needed
Alternatives Considered
Rapid7 InsightVM is a more professional tool than Nessus because historically, it was based on metasploit which is a powerful pentesting and exploiting tool. InsightVM covers more attacking scenarios and vulnerabilities than competitors and still a leader in this domain.cloud capability is also not available forNesuus and some other products. Rapid7 InsightVM is a way better as a pentesting tool in my opinion
Other Software Used
August 24, 2021

Great source of truth for vulnerabilities

Verified User
Analyst in Information Technology
Hospital & Health Care Company, 10,001+ employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We are currently using the software as our primary vulnerability scanner and source of truth for current vulnerabilities in the environment. For new systems, it is required for the system to be registered in Rapid7 InsightVM (Nexpose) and have a scan conducted before it is allowed into production. It is a critical pillar in our environment.
Pros and Cons
  • report on a system vulnerability
  • consistent scanning
  • easy to understand results
  • System management
  • UI
  • Noise tuning from the scans on systems
Likelihood to Recommend
For highly detailed reports of vulnerabilities in an environment, Rapid7 InsightVM (Nexpose) is top-notch. The data is easily manipulated to get the results you are looking for. Setting up groups for active scans on a schedule has been a great help as well as the ad-hoc reports for any new vulns being reported.
Most Important Features
  • Active scheduled scans
  • Newly reported vulnerabilities are quickly up for scanning
  • Easily maintained
Return on Investment
  • Easily start an adhoc scan for new system vulnerabilities for print nightmare was super easy.
  • Auditable source of truth for general network and system health
  • Provides a checkpoint in our workflow to ensure that unapproved systems are not being stood up.
Return to navigation