4 out of 5.0, Reviewed Aug 23, 2016
The Vendor met or exceeded expectations. The Metasploit addon was oversold and provided little real value to the organization.
It's easy to use, very efficient and effective and has very good reporting and supporting automation.
The internal ticketing application is irrelevant.
Support is a key differentiator. They are very good.
5 out of 5.0, Reviewed Aug 3, 2016
First and foremost InsightIDR is a great product. The visibility we now have is just fantastic. We can quickly and easily drill down through all of the subject/object interactions across the network and pick up on any anomalies or issues as they happen. The service and support from the Rapid 7 team is excellent both during setup/install and afterwards. Unlike many other technology companies the process of getting to speak directly to the experts/developers when needed is quick and efficient. The product is constantly being updated and improved too which makes us sure we have invested in the correct product and InfoSec partner.
The visibility it gives
It does everything we need and more
Deployment support was great, any issues with integration/operation of agents or data sources was quickly and efficiently dealt with by product support or the developer team.
1 of 1 peer(s) found this review helpful.
5 out of 5.0, Reviewed Aug 3, 2016
The Nexpose VMS is by far the best solution that is on the market. We were previously using Qualys and were not happy with some of the features of the product; in particular the way the scanning was setup and how policies were created. Nexpose not only remedied both of these issues but also found issues that Qualys was not finding at the time.
Even though the product has added many features that I have benefited from that were not available when I purchased the product, I think the fact that Rapid7 is always enhancing their product and listening to their consumer base is EXTREMELY great. Not only do they listen to what customers have to say or suggest in their 'Suggestions' forums, they are regularly rolling these new features out. There are many companies that say that they are listening to their customers or going to rollout new features but Rapid7 actually does this on a regular basis.
In order to integrate with some of the 3rd Party Software on the market, you need to have a decent knowledge of Ruby Scripting to do so. With my issue with getting ERPM to integrate with Nexpose, there was always an issue with the version of Ruby, the version of the GEMs, etc... that kept the script from working. Rapid7 does have some built-in integrations with third parties but I believe that they could do better with more integrations.
As mentioned before, Rapid7 had multiple features that were part of the application that several other VMS solutions did not have. Even the ability to find every small vulnerability was greatly superior than any other solution that I did a Proof of Concept for or previously used.
Everytime I have had an issue, I have received quick and concisive responses from the Rapid7 support. Whether it was their support for the product or their Integrations team, I have never had an issue that either did not get resolved or escalated to the proper departments. Even using the Rapid7 Community has been extremely beneficial since not only do other Expert customers give comments in there but also Rapid7 support monitors these posts to try and assist users within the Support Community.
4 out of 5.0, Reviewed Jul 28, 2016
Rapid7 has been a good partner as we mature our vulnerability management program. They have been responsive to our needs. Rapid7 has worked with us to help improve our performance and to help us look critically at how we are utilizing the resources at hand.
Industry leading vulnerability scanner.
We are satisfied with the support we get from Rapid7. We had one issue here recently where we were told that the Nexpose and ServiceNow API's would allow us to create tasks to be assigned. This is still being worked on.
We have success with deployments. Any challenges we run into, we can call Rapid7 and get through it quickly.
5 out of 5.0, Reviewed Jul 22, 2016
Rapid7's solution balances a great user experience with an extremely robust vulnerability scanning product with Nexpose. We have significantly reduced our level of risk over the last year and have even been able to deploy scanning engines in other segments of the business to make sure that we do everything that we can to tighten our security. Our account team has been great, in the rare case that I need support they are prompt and professional.
Ease of use, it does exactly what we need, and it's not too expensive.
We love Rapid7, they are consistently a trusted advisor not just a vendor we work with.
We were able to deploy using just Rapid7's guides and knowledge base, it really couldn't have been easier.
4 out of 5.0, Reviewed Jul 20, 2016
Implementation was a breeze. Support has been fantastic. New features have been plentiful and value-added. Feedback is taken seriously and has often been implemented into the tool sets.
5 out of 5.0, Reviewed Jul 6, 2016
Although I think Rapid7's Nexpose was not totally ready for a large Enterprise solution regarding vulnerability scanning, their recent releases and product improvements, including the "Nexpose Now" dashboard solution, is presenting a solution that I can see evolving our Vulnerability Management Program alongside their product enhancements. It is not a plug and play solution and some of their support products that run the backend services require technical SMEs on hand to fully gain the value from the data and remediation of the tools capabilities.
I like the ability to get under the hood and work with the components that support the platform. Easy to review logs and perform root cause analysis of issues. From an admin perspective it is great.
They are releasing a lot of updates and capabilities, some of which need tuning and do not initially work out of the box.
There is still a lot of implementation to go but the overall resource this product provides our company, along with the future state and integrations, make this a top tier product in the realm of vulnerability management and validation.
They are an amazing group of people. As long as you take onwership of your instance and work with the CSM and TAM, they will bend over backwards to meet your needs.
Was not properly installed to meet the actual needs of the company, not the fault of the vendor, it was brought on board for compliance purposes and then expanded to support the enterprise.
5 out of 5.0, Reviewed Jul 6, 2016
We expected the rollout to take 3 months globally. We were fully implemented and functional within a month, exceeding expectations. The solution has been very effective, lowering our overall risk and we are able to operationally manage it with less than 4 hours of resources per week. The dashboard and reporting are exceptional.
Nexpose was the firs tool we deployed globally when we re-developed our security program. The visibility and reporting from Nexpose has helped shore up what is quite possibly the most important area for defense in IT security. It is a pillar, if not the cornerstone tool, that we look to when we measure risk.
Nexpose is continuing to grow its offerings and has some configuration scoring capabilities, but this area is something that could be improved.
We had not seen any other competing product as easy to use and deploy, without giving up substantial functionality. We have continually added new capabilities to our program through the use of this tool. It has even become a "go to" tool for questions or information on assets as well.
While we have been very happy with the product, we have had to open tickets occasionally with Rapid7. Their support team is very quick to respond, excellent at what they do and have been able to provide timely solutions for us when ever we need support.
The deployment was simple, using virtual appliances. Standing up the technology and initial configuration took a month, done internally with no external consulting. We continue to refine the solution, adding new capabilities, but largely unchanged from initial implementation.
5 out of 5.0, Reviewed Jul 3, 2016
Vendor support was amazing, fast, and effective. The product provided ROI during the 1 week demo period and was able to identify hostile nation-state activity on one of our cloud services.
It just works. Very useful and actionable alerts and insight into behaviour that simply cannot be derived from log analysis alone.
It is still a young product and it experiences big changes as it progresses. Minor bugs with the integration with LogRhythm.
Works surprisingly well
Super-human support. Even minor feedback was responded to in less than an hour by email.
Everything worked well but with a few bugs. Any problems that were encountered were solved quickly and effectively by the vendor.
4 out of 5.0, Reviewed Jun 30, 2016
Works well and provides great insight.
ease of use
lack of very tight role based access control
Reporting is an areas of continued improvement.
Very helpful and very engaged support model.
Easy to deploy with prebuilt virtual appliances.