Rapid7 Nexpose, not all it's cracked up to be
February 13, 2020

Rapid7 Nexpose, not all it's cracked up to be

Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Overall Satisfaction with Rapid7 Nexpose

We currently use Rapid7 Nexpose for all Vulnerability scanning for current and new assets. Several asset groups have been created with assets owners receiving weekly reports for just the assets they own for a weekly snapshot to gauge their trending. We also utilize ad-hoc scans to ensure new devices do not have outstanding patches before being deployed.
  • Creating Device Groups is very easy.
  • The API tie ins work well.
  • Frequent updates and console lockups.
  • A lot of issues with scans running long out of nowhere, causing resource issues for the next scans.
  • Once the initial setup is done, which does take some time and thought, it can be managed by one person.
  • Emailing of weekly auto run reports to business owners is valuable.
I personally like Qualys much better. Out of the box, and the overall configuration is more natural, and the system itself is more stable.
I gave it a seven due to the functionality and general ease of use after the initial setup headaches, but compared to Qualys, Rapid7 Nexpose falls short on features and ease of use. Their support drags this rating down a point as well. I have gone weeks with no update on semi-critical issues and typically have to make call after call to get a semi-coherent response.

Do you think Rapid7 InsightVM delivers good value for the price?

Not sure

Are you happy with Rapid7 InsightVM's feature set?


Did Rapid7 InsightVM live up to sales and marketing promises?


Did implementation of Rapid7 InsightVM go as expected?


Would you buy Rapid7 InsightVM again?


  • Works well most of the time for even large enterprise organizations, but takes a lot of care and feeding to ensure it's running properly.
  • We have had several issues with 'ghost machines' not updating and continue to report on IP's with no devices attached.
  • Could use better filtering and reporting built-in and more customized options.