Listing Thumbnail

    InsightVM - Vulnerability Management

     Info
    Sold by: Rapid7 
    Vendor Insights
    Rapid7 InsightVM is a vulnerability management solution that doesn't just provide visibility into the risks present in your IT environment. It equips you with the reporting, automation, and integrations needed to prioritize and fix those vulnerabilities in a fast and efficient manner.
    Listing Thumbnail

    InsightVM - Vulnerability Management

     Info
    Sold by: Rapid7 

    Overview

    When it comes to risk management, the ability to detect problems is meaningless if you can't fix what you uncover. That's why we've designed InsightVM to detect risk and also arm security teams with the tools needed to overcome the communication barriers and organizational silos that can make remediation so hard.

    Rapid7 InsightVM starts with the array of capabilities you'd expect from a solution that's been named by Forrester as a leader in the last three consecutive Wave reports on Vulnerability Risk Management:

    • Get complete visibility into the presence of vulnerabilities through scan engines, the cross-product Rapid7 Insight Agent, and direct API integrations with AWS, other cloud providers, container repositories, and more.
    • Detect over 150 kinds of misconfigurations in your AWS environment.
    • Monitor your attack surface to uncover known and unknown external-facing assets.
    • Evaluate compliance with industry frameworks or custom policies.

    Once risks have been found, InsightVM helps teams take action:

    • Proprietary real-risk score helps teams prioritize the biggest threats
    • Automatically create tickets in JIRA or ServiceNow based on findings
    • Automation capabilities include integrations with SCCM and BigFix
    • Custom generated code snippets let you fix AWS misconfigurations with a few clicks
    • Goal and SLA reporting, remediation projects, and customizable dashboards help track progress over time and share results across the organization

    Highlights

    • Full Visibility: InsightVM assesses physical servers, virtual machines (such as EC2 instances), containers, and remote endpoints. Plus, since risk to your organization is more than just missing patches, it also detects misconfigurations in AWS.
    • Real-Time: Direct integrations with AWS and other cloud providers ensure data in InsightVM is always up-to-date. It also allows you to pull in all your EC2 tags for tracking, reporting, and organization.
    • Available as a Managed Service: Let our team, led by a dedicated security advisor, run InsightVM for you. The best part? You still get full access to InsightVM for those times when you want to roll up your sleeves.

    Details

    Sold by

    Categories

    Delivery method

    Features and programs

    Vendor Insights

     Info
    Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    InsightVM - Vulnerability Management

     Info
    Pricing is based on contract duration. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.

    12-month contract (3)

     Info
    Dimension
    Description
    Cost/12 months
    Up to 128 Assets
    Includes unlimited scan engines and templates, up to 3 Consoles
    $3,840.00
    Managed VM
    Service terms and coverage to be defined in Private Offer
    $1,000,000.00
    Custom Pricing
    Custom Pricing w/ terms and coverage to be defined in Private Offer
    $1,000,000.00

    Vendor refund policy

    Please see the seller website for refund details.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    Rapid7 Customer Support services provide rapid resolution of issues. We include Customer Portal Support, 24 hour vulnerability service level agreement, 24 hour incident response time, and a reliable testing guarantee. www.rapid7.com/for-customers 

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    |
    77 external reviews
    External reviews are sourced from G2  and are not included in the star rating for this product.
    Soham U.

    Nexpose is an excellent tool that helps identify vulnerabilities.

    Reviewed on Jun 12, 2024
    Review provided by G2
    What do you like best about the product?
    InsightVM offers real-time visibility into the entire network, enabling continuous monitoring and immediate detection of vulnerabilities as they appear.
    It integrates seamlessly with various other security tools and systems, such as SIEMs, ticketing systems, and DevOps tools, facilitating a more streamlined security workflow.
    The tool supports automated remediation workflows, which can significantly reduce the time and effort required to address vulnerabilities.
    What do you dislike about the product?
    You will get dificulty during initial setp as the setup is complex.
    Cost is very high to compair to other tool.
    Some users have experienced false positives in the scan results, which can lead to unnecessary remediation efforts and wasted resources.
    What problems is the product solving and how is that benefiting you?
    Nexpose help to identify the vulnerability and provide remidiation report. It has realtime scaaning feature.
    The detailed compliance reporting and helps organizations ensure they meet various regulatory standards such as PCI-DSS, GDPR, and HIPAA.
    Soham U.

    Nexpose is an excellent tool that helps identify vulnerabilities.

    Reviewed on Jun 12, 2024
    Review provided by G2
    What do you like best about the product?
    InsightVM offers real-time visibility into the entire network, enabling continuous monitoring and immediate detection of vulnerabilities as they appear.
    It integrates seamlessly with various other security tools and systems, such as SIEMs, ticketing systems, and DevOps tools, facilitating a more streamlined security workflow.
    The tool supports automated remediation workflows, which can significantly reduce the time and effort required to address vulnerabilities.
    What do you dislike about the product?
    You will get dificulty during initial setp as the setup is complex.
    Cost is very high to compair to other tool.
    Some users have experienced false positives in the scan results, which can lead to unnecessary remediation efforts and wasted resources.
    What problems is the product solving and how is that benefiting you?
    Nexpose help to identify the vulnerability and provide remidiation report. It has realtime scaaning feature.
    The detailed compliance reporting and helps organizations ensure they meet various regulatory standards such as PCI-DSS, GDPR, and HIPAA.
    Himanshu K.

    Better than most of the products in the market, but not the best

    Reviewed on Mar 14, 2024
    Review provided by G2
    What do you like best about the product?
    Vulnerability views
    Reporting
    Dashboards
    Tons of threat intelligence and research data integrated with the product by Rapid7. Stuff like Metasploit DB, AttackerKB and project Heisenberg are some of the best integrations.
    Remediation Projects
    Risk Scoring - the new Active Risk Scoring is awesome.
    Scan Assistant (probably the best service for vuln scanning)
    What do you dislike about the product?
    The security console is a lot buggy.
    Native Jira integration is not really native. Breaks all the time.
    Sometimes it takes days to identify some vulnerabilities which is a major drawback especially for critical vulnerabilities (Jetbrains TeamCity CVSS10 vuln is one example, took it 3 days to identify vulnerable assets)
    Too much administrative efforts to setup stuff.
    What problems is the product solving and how is that benefiting you?
    InsightVM is solving all our vulnerability management problems. It checks all the boxes starting from identification to remediation of a vulnerability. I cannot say it is a fully fledged and completely mature tool but it is far better than the other tools I've used in the past (Tenable, Qualys, MS Defender)
    Himanshu K.

    Better than most of the products in the market, but not the best

    Reviewed on Mar 14, 2024
    Review provided by G2
    What do you like best about the product?
    Vulnerability views
    Reporting
    Dashboards
    Tons of threat intelligence and research data integrated with the product by Rapid7. Stuff like Metasploit DB, AttackerKB and project Heisenberg are some of the best integrations.
    Remediation Projects
    Risk Scoring - the new Active Risk Scoring is awesome.
    Scan Assistant (probably the best service for vuln scanning)
    What do you dislike about the product?
    The security console is a lot buggy.
    Native Jira integration is not really native. Breaks all the time.
    Sometimes it takes days to identify some vulnerabilities which is a major drawback especially for critical vulnerabilities (Jetbrains TeamCity CVSS10 vuln is one example, took it 3 days to identify vulnerable assets)
    Too much administrative efforts to setup stuff.
    What problems is the product solving and how is that benefiting you?
    InsightVM is solving all our vulnerability management problems. It checks all the boxes starting from identification to remediation of a vulnerability. I cannot say it is a fully fledged and completely mature tool but it is far better than the other tools I've used in the past (Tenable, Qualys, MS Defender)
    Translation and Localization

    Master in Vulnerability Management

    Reviewed on Feb 22, 2024
    Review provided by G2
    What do you like best about the product?
    I have been using this product for more than 6 years and it's the best product for vulnerability management. They keep track of all zero-days and update their database against all newly listed CVEs within 24 hours. It offers an all-in-one dashboard with multiple widgets
    What do you dislike about the product?
    Integration with extrenal ticketing tool is limited
    What problems is the product solving and how is that benefiting you?
    We use this product for vulnerability management, which keeps us updated with newly listed CVEs. It notifies us whenever there is a zero-day or critical vulnerability release. We use it to reduce the risk score in our environment, ensuring timely patching especially for Microsoft Tuesday patches and critical CVEs. It also helps us keep track of EOS/EOL software. Overall, this product helps us stay safe from cyber attacks and reduce our risks
    View all reviews