Vendor Insights
Rapid7 InsightVM is a vulnerability management solution that doesn't just provide visibility into the risks present in your IT environment. It equips you with the reporting, automation, and integrations needed to prioritize and fix those vulnerabilities in a fast and efficient manner.
Overview
When it comes to risk management, the ability to detect problems is meaningless if you can't fix what you uncover. That's why we've designed InsightVM to detect risk and also arm security teams with the tools needed to overcome the communication barriers and organizational silos that can make remediation so hard.
Rapid7 InsightVM starts with the array of capabilities you'd expect from a solution that's been named by Forrester as a leader in the last three consecutive Wave reports on Vulnerability Risk Management:
- Get complete visibility into the presence of vulnerabilities through scan engines, the cross-product Rapid7 Insight Agent, and direct API integrations with AWS, other cloud providers, container repositories, and more.
- Detect over 150 kinds of misconfigurations in your AWS environment.
- Monitor your attack surface to uncover known and unknown external-facing assets.
- Evaluate compliance with industry frameworks or custom policies.
Once risks have been found, InsightVM helps teams take action:
- Proprietary real-risk score helps teams prioritize the biggest threats
- Automatically create tickets in JIRA or ServiceNow based on findings
- Automation capabilities include integrations with SCCM and BigFix
- Custom generated code snippets let you fix AWS misconfigurations with a few clicks
- Goal and SLA reporting, remediation projects, and customizable dashboards help track progress over time and share results across the organization
Highlights
- Full Visibility: InsightVM assesses physical servers, virtual machines (such as EC2 instances), containers, and remote endpoints. Plus, since risk to your organization is more than just missing patches, it also detects misconfigurations in AWS.
- Real-Time: Direct integrations with AWS and other cloud providers ensure data in InsightVM is always up-to-date. It also allows you to pull in all your EC2 tags for tracking, reporting, and organization.
- Available as a Managed Service: Let our team, led by a dedicated security advisor, run InsightVM for you. The best part? You still get full access to InsightVM for those times when you want to roll up your sleeves.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on contract duration. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Dimension | Description | Cost/12 months |
|---|---|---|
Up to 128 Assets | Includes unlimited scan engines and templates, up to 3 Consoles | $3,840.00 |
Managed VM | Service terms and coverage to be defined in Private Offer | $1,000,000.00 |
Custom Pricing | Custom Pricing w/ terms and coverage to be defined in Private Offer | $1,000,000.00 |
Vendor refund policy
Please see the seller website for refund details.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
Rapid7 Customer Support services provide rapid resolution of issues. We include Customer Portal Support, 24 hour vulnerability service level agreement, 24 hour incident response time, and a reliable testing guarantee. www.rapid7.com/for-customers
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
CIS Hardened Image STIG on Amazon Linux 2
By Center for Internet Security
This product has charges associated with the pre-built hardening to the CIS Benchmarks™ and recurring maintenance. The CIS Hardened Images® are hardened in accordance with the associated CIS Benchmarks, an industry best practice for secure configuration. Reduce cost, time, and risk by building your AWS solution with CIS AMIs.
VM-Series Next-Gen Virtual Firewall w/ Advanced Security Subs (PAYG)
By Palo Alto Networks
Expand your coverage against command and control, web-based, file-based, DNS protocol, and other threats with industries most advanced cloud delivered security services that protect your AWS workloads, VDIs and user traffic with AI/ML-powered VM-Series virtual firewalls from Palo Alto Networks. This listing includes 24x7 Premium Support.
The Fortinet FortiManager provides easy centralized configuration, policy-based provisioning, update management and end-to-end network monitoring for your Fortinet installed environment.
ClimateTracker Climate-related Disclosures - Aotearoa NZ CS 1-3
By ClimateTracker
ClimateTracker provides intelligent AI Climate Disclosure reporting tools that guide organisations through changing climate standards, help make impactful climate decisions and reduce compliance costs
Customer reviews
Soham U.
Nexpose is an excellent tool that helps identify vulnerabilities.
Reviewed on Jun 12, 2024
Review provided by G2
What do you like best about the product?
InsightVM offers real-time visibility into the entire network, enabling continuous monitoring and immediate detection of vulnerabilities as they appear.
It integrates seamlessly with various other security tools and systems, such as SIEMs, ticketing systems, and DevOps tools, facilitating a more streamlined security workflow.
The tool supports automated remediation workflows, which can significantly reduce the time and effort required to address vulnerabilities.
It integrates seamlessly with various other security tools and systems, such as SIEMs, ticketing systems, and DevOps tools, facilitating a more streamlined security workflow.
The tool supports automated remediation workflows, which can significantly reduce the time and effort required to address vulnerabilities.
What do you dislike about the product?
You will get dificulty during initial setp as the setup is complex.
Cost is very high to compair to other tool.
Some users have experienced false positives in the scan results, which can lead to unnecessary remediation efforts and wasted resources.
Cost is very high to compair to other tool.
Some users have experienced false positives in the scan results, which can lead to unnecessary remediation efforts and wasted resources.
What problems is the product solving and how is that benefiting you?
Nexpose help to identify the vulnerability and provide remidiation report. It has realtime scaaning feature.
The detailed compliance reporting and helps organizations ensure they meet various regulatory standards such as PCI-DSS, GDPR, and HIPAA.
The detailed compliance reporting and helps organizations ensure they meet various regulatory standards such as PCI-DSS, GDPR, and HIPAA.
Leave a comment0 comments
Himanshu K.
Better than most of the products in the market, but not the best
Reviewed on Mar 14, 2024
Review provided by G2
What do you like best about the product?
Vulnerability views
Reporting
Dashboards
Tons of threat intelligence and research data integrated with the product by Rapid7. Stuff like Metasploit DB, AttackerKB and project Heisenberg are some of the best integrations.
Remediation Projects
Risk Scoring - the new Active Risk Scoring is awesome.
Scan Assistant (probably the best service for vuln scanning)
Reporting
Dashboards
Tons of threat intelligence and research data integrated with the product by Rapid7. Stuff like Metasploit DB, AttackerKB and project Heisenberg are some of the best integrations.
Remediation Projects
Risk Scoring - the new Active Risk Scoring is awesome.
Scan Assistant (probably the best service for vuln scanning)
What do you dislike about the product?
The security console is a lot buggy.
Native Jira integration is not really native. Breaks all the time.
Sometimes it takes days to identify some vulnerabilities which is a major drawback especially for critical vulnerabilities (Jetbrains TeamCity CVSS10 vuln is one example, took it 3 days to identify vulnerable assets)
Too much administrative efforts to setup stuff.
Native Jira integration is not really native. Breaks all the time.
Sometimes it takes days to identify some vulnerabilities which is a major drawback especially for critical vulnerabilities (Jetbrains TeamCity CVSS10 vuln is one example, took it 3 days to identify vulnerable assets)
Too much administrative efforts to setup stuff.
What problems is the product solving and how is that benefiting you?
InsightVM is solving all our vulnerability management problems. It checks all the boxes starting from identification to remediation of a vulnerability. I cannot say it is a fully fledged and completely mature tool but it is far better than the other tools I've used in the past (Tenable, Qualys, MS Defender)
Translation and Localization
Master in Vulnerability Management
Reviewed on Feb 22, 2024
Review provided by G2
What do you like best about the product?
I have been using this product for more than 6 years and it's the best product for vulnerability management. They keep track of all zero-days and update their database against all newly listed CVEs within 24 hours. It offers an all-in-one dashboard with multiple widgets
What do you dislike about the product?
Integration with extrenal ticketing tool is limited
What problems is the product solving and how is that benefiting you?
We use this product for vulnerability management, which keeps us updated with newly listed CVEs. It notifies us whenever there is a zero-day or critical vulnerability release. We use it to reduce the risk score in our environment, ensuring timely patching especially for Microsoft Tuesday patches and critical CVEs. It also helps us keep track of EOS/EOL software. Overall, this product helps us stay safe from cyber attacks and reduce our risks
Pranay M.
"One of the Best tool for Vulnerability Management"
Reviewed on Sep 06, 2023
Review provided by G2
What do you like best about the product?
InsightVM is providing Agent based scanning which helps us alot, apart from that Dashboard
is also very cool and helps alot in easily go throught the stats.
is also very cool and helps alot in easily go throught the stats.
What do you dislike about the product?
There is nothing to dislike apart from Memory consumption is sometimes getting very high.
What problems is the product solving and how is that benefiting you?
We are using InsightVM for Cloud VM.
Manufacturing
Good Vulnerability Management Solution
Reviewed on Jul 26, 2023
Review provided by G2
What do you like best about the product?
Easy to manage, good capabilities, agent and network scan works as intended. A good way to remediate vulnerabilities using Remediation projects and set proper Goal and SLAs. A good reporting available to use
What do you dislike about the product?
Managing multiple scan jobs and tagging of assets as not granular for very big enterprise organizations. Some network scans can cause network issues for the endpoints.
What problems is the product solving and how is that benefiting you?
InsightVM (Nexpose) provides a good vulnerability management and risk mitigation solution with remediation capabilities and ensure keeping good SLAs and goals for the organization.