Dream or nightmare. Flip a coin.
May 14, 2018

Anonymous | TrustRadius Reviewer
Score 5 out of 10
Vetted Review
Verified User

Overall Satisfaction with Rapid7 NeXpose

Rapid7 NeXpose performs discovery and vulnerability assessment of devices on a network. This data can be exported into other tools, or used to produce reports for threat remediation. The software supports physical servers, virtual servers, and cloud-based servers. For large environments, additional scanners can be deployed with the same options. Multiple OSs are supported and backups can be enabled for restoration across platforms.

  • Queries against inventory are easy and useful
  • Most threats discovered have plenty of detail about the nature of the problem and how to mitigate
  • Dashboards are abundant
  • Once the organization of the tool is understood, operation is easy
  • Devices found and scanned are never removed. Removal must be done manually with no option for automation.
  • The database can be fragile. Ours quietly corrupted and progressively degraded until we had to restore and lose 6 months of data. Still didn't fix it and had to be rebuilt again losing all data.
  • Workflow for delegating remediation is supposed to be helpful, but can also become cumbersome.
  • Scheduling can become a nightmare if not monitored closely. We found jobs had failed to run because the server had gone offline. When the server came online, it did not try to run missed jobs. Running missed jobs all at once can overload the server, but searching for and launching a large number of missed jobs manually is a pain.
  • After spending 2 years configuring, tuning, troubleshooting, and ultimately having nothing but regrets, we migrated away from the tool and accepted the loss.
  • Support had a variety of opinions, none of them consistent. No best practices. Lots of secret tricks known by support, none documented or shared until after problems are found.
  • Consulting services are available to come out and do a health check of your deployment, for a fee.

Nessus Pro does scans, but does not maintain an inventory from scan to scan. There is no history for a specific device; you have to look inside the results of each scan. Search across inventory is non-existent. There are no dashboards for data analysis. There is no tracking for remediation.

When it works, it's a fantastic tool with plenty of value to spare. When it doesn't work, it's a time-sucking money pit of despair. I've used the data to prove other systems were not reporting correctly. I could count systems by type faster than any other inventory system. I could find how many machines had a specific version of software in minutes. I've also lost weeks of time trying to get scans to run consistently. We've lost months of data from failure. It's a 50/50 crapshoot. Are you willing to put up with problems for fantastic data? It could work perfectly for you. It could also be a brick.