My main use case for Rapid7 InsightCloudSec is endpoint detections and monitoring, especially with the SIEM. As a MSP, I use Rapid7 InsightCloudSec for endpoint detection and monitoring daily with multiple clients, and the Rapid7 Insight Agent is installed on all the servers and linked with the ticketing system. Once an alert is generated through Rapid7, we receive an alert and investigate through the Rapid7 Insight Agent by using the logs.
External reviews
7 reviews
from
External reviews are not included in the AWS star rating for the product.
Daily endpoint monitoring has improved investigations and saved time but detection rules still need tuning
What is our primary use case?
What is most valuable?
The best feature Rapid7 InsightCloudSec offers is the log, which is really quick, and I appreciate the new update with the AI assistance, allowing us to search and create log searches with AI support.
The AI assistance for log search helps me by allowing me to easily search for something from the log, as I used to manually create the log. With the new AI feature, I just type it in and it generates the code, making it easier to get the results.
Rapid7 InsightCloudSec has positively impacted my organization because we are using Microsoft Defender for endpoint protection alongside Rapid7. Rapid7 is quicker than Defender regarding detection speed and logging in, so in comparison, Rapid7 is faster than Microsoft Defender and is lightweight. Since switching to Rapid7 InsightCloudSec, I have noticed it is more time-saving and cost-effective, especially in cases of false positives. From Defender's point of view, we need to log in and check everything, but from Rapid7's perspective, everything is there and with a quick reference, we can identify false positives without digging deeper, saving time and reallocating resources to positive cases.
What needs improvement?
It is important to note that Rapid7 InsightCloudSec's features are not 100% precise, but I find about 70% of the time it is satisfactory. I would like to suggest that you improve it to be more precise, ideally making it 100% if possible.
Some cases in Rapid7 InsightCloudSec indicate that the log is not enough, as they mostly just generate alerts, and the synchronization between data connectors is often problematic, particularly in terms of not being in sync always, especially between the AD and Rapid7 alerts, which generates numerous false positives. Additionally, the traditional rules should be updated, as this is a main point worth mentioning since we spend a lot of time fine-tuning these traditional rules. I suggest improving the legacy detection rules.
If there are any authentication cases, such as impossible travel activity where a user has their SharePoint hosted in a different location, Rapid7 can often trigger alerts, creating confusion as we cannot fine-tune it properly. Another issue is with honeypot access. We sometimes lack necessary logs because Defender's advanced threat protection scanning gets detected as honeypot activity by Rapid7, leading to annoying and noisy alerts that we need to constantly close.
If you can improve the traditional detection rules to reflect current detection rules, it would make it significantly easier for us to manage, as we constantly need to check legacy rules to update or possibly turn them off. Updating the legacy rules should be a priority.
For how long have I used the solution?
I have been using Rapid7 InsightCloudSec for almost one year.
What do I think about the stability of the solution?
Rapid7 InsightCloudSec is stable.
What do I think about the scalability of the solution?
Regarding scalability, Rapid7 InsightCloudSec is very scalable so far.
How are customer service and support?
The customer support provided by Rapid7 InsightCloudSec is pretty good. We receive enough support on time. In more complex cases, it can take time, but overall, I am satisfied with the support.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We did not use any other solution prior to Rapid7. We started directly with Rapid7 and Microsoft.
What was our ROI?
In terms of return on investment, I can say that we have seen time saved and money saved. We previously had fewer employees, and with Rapid7, it has been really helpful to manage all workloads effectively.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup costs, and licensing for Rapid7 InsightCloudSec is that it was affordable initially, but now the costs are a bit high. However, in comparison to other tools in the market, I still find it affordable.
Which other solutions did I evaluate?
Before choosing Rapid7 InsightCloudSec, we evaluated other options, including SentinelOne and other popular solutions.
What other advice do I have?
The first thing we need to do to use Rapid7 InsightCloudSec effectively in our workflow or with our clients is to install the Rapid7 Insight Agent to the endpoints or even the servers. That is a bit challenging because most of the clients are unaware of Rapid7 Insight Agent, and we need to convince them to make it a trustworthy source.
My advice for others looking into using Rapid7 InsightCloudSec is to investigate the features that need to be set up in detail. I rate Rapid7 InsightCloudSec a seven out of ten because of its efficiency, cost-effectiveness, time-saving capabilities, and better monitoring.
Automated cloud monitoring has transformed compliance checks and now reduces misconfigurations in real time
What is our primary use case?
Rapid7 InsightCloudSec is used to monitor client cloud environments, identify misconfigurations, and ensure continuous compliance across their cloud resources.For specific monitoring, Rapid7 InsightCloudSec is mainly used to monitor exposed S3 buckets and IAM policy changes, and it alerts when a bucket becomes open to the public or if a risk permission gets added so it can be fixed. It has also been used for monitoring devices and laptops.Rapid7 InsightCloudSec is deployed in the cloud to monitor both public and private cloud environments for clients, so it is not used on-premises.
What is most valuable?
The automated alerts and clear dashboards make it easy to stay ahead of issues, and Rapid7 InsightCloudSec has been reliable for keeping client cloud setups secure without a lot of manual effort.The best feature in Rapid7 InsightCloudSec is the real-time misconfiguration detection because it immediately flags risk changes in client cloud environments, allowing response before anything escalates.Real-time detection has helped the team react faster and avoid potential security incidents. Instead of finding issues during scheduled checks, alerts are received at the moment something risky happens, which allows problems to be fixed immediately and keeps client environments stable and compliant.Rapid7 InsightCloudSec has helped the organization work more efficiently and proactively, reducing the time and effort spent on manual cloud checks, improving response time to issues, and providing more confidence in the overall security posture managed for clients. It helps streamline workflow and strengthen the quality of service delivered.Since implementing Rapid7 InsightCloudSec, manual cloud security checks have been reduced by around forty to fifty percent, and mean time to resolve misconfigurations has dropped from several hours to under thirty minutes on average, significantly improving efficiency and client confidence.Overall, Rapid7 InsightCloudSec has been a reliable tool for managing cloud security for clients, and while there is room for improvement, its real-time alerts and automated checks make it a valuable part of the workflow.
What needs improvement?
The platform could be improved with more customizable dashboards and reporting.The rating of eight out of ten was chosen because there is room for improvement in dashboard customization and in-app guidance.
For how long have I used the solution?
Rapid7 InsightCloudSec has been used for about a year since starting at RDX.
What do I think about the stability of the solution?
Rapid7 InsightCloudSec works without any stability issues so far.No stability issues have been experienced since using Rapid7 InsightCloudSec with clients.
What other advice do I have?
Teams looking into using Rapid7 InsightCloudSec should take time to set up automated policies for alerts from the start because that is very important. It is worth investigating and learning the dashboard early because once configured, Rapid7 InsightCloudSec saves a lot of time and helps proactively secure cloud environments. The review rating for Rapid7 InsightCloudSec is eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Cloud security has improved as we manage multi cloud compliance, automate remediation, and gain real time visibility into misconfigurations
What is our primary use case?
My main use case for Rapid7 InsightCloudSec is for cloud procedure management, real-time compliance monitoring, and identifying misconfigurations across all cloud environments such as AWS, Azure, GCP, and resource visibility as an inventory.
I used Rapid7 InsightCloudSec in my previous company for real-time compliance monitoring and identifying misconfigurations, where we focused on faster, more accurate detection and client solution services.
How has it helped my organization?
Since using Rapid7 InsightCloudSec, I have positively impacted my organization by sending alerts.
Those alerts have helped by saving time.
What is most valuable?
The best features Rapid7 InsightCloudSec offers include more automation remediation, compliance reporting for auditing, improvement on multi-cloud governance, and cost visibility, which really stand out to me.
The automation capabilities in Rapid7 InsightCloudSec boost my workflow, as they involve Jira automation and creating misconfiguration tickets in Jira.
Rapid7 InsightCloudSec provides a faster, more accurate indication and helps to better understand how to reduce noise in the tone policies.
What needs improvement?
Rapid7 InsightCloudSec can be improved by seeing reductions and improvements in prioritization, tuning findings, suppressing low-value alerts, and better prioritizing the most critical risks.
Needed improvements include adding AI-driven risk prioritization, proactive cloud risk modeling, advanced IAM privilege analysis, identity graph relationship mapping, privilege escalation detection, and automation for privileged remediation.
Additionally, Rapid7 InsightCloudSec needs improvements such as AI-driven risk prioritization, proactive cloud risk modeling, advanced IAM privilege analysis, multi-cloud attack path mapping, pre-built automated hardening, defining stronger policy as code support, better container and serverless coverage, and cost optimization insight along with safe auto-remediation with rollback improvements.
For how long have I used the solution?
I have been using Rapid7 InsightCloudSec for eight to nine months in my previous company.
What other advice do I have?
Rapid7 InsightCloudSec is deployed in my organization as a public cloud and hybrid cloud.
I am using VMWare Cloud, Azure, GCP, and AWS for my public and hybrid cloud deployment.
I purchased Rapid7 InsightCloudSec through the AWS Marketplace.
I would rate Rapid7 InsightCloudSec an eight out of ten because of its multi-cloud integration, stronger policy as code support, better container serverless coverage, and security plus cost optimization insight.
Proactive threat detection has strengthened hybrid cloud protection and simplifies vulnerability management for diverse infrastructures
What is our primary use case?
Rapid7 InsightCloudSec is used for infrastructure threat finding, and based on the reports which include high, low, and medium priority vulnerabilities, it is easy to determine what actions need to be taken to fix and address the environment and infrastructure in the best way.A combination of on-premises, virtual environments, and both Windows and Linux systems are monitored. Public-facing servers are also monitored, and with Rapid7 InsightCloudSec, servers can be easily safeguarded from unauthenticated or unknown users while controlling malicious activities. Vulnerabilities of both Windows and Linux servers along with applications are monitored, which allows for early detection and reports about issues and solutions for vulnerabilities or security threats.I have approximately 15 years of work experience in this field.
How has it helped my organization?
Rapid7 InsightCloudSec impacts the organization positively by acting as a shield against hackers and ransomware, providing effective protection to data and infrastructure.
What is most valuable?
The ability to find threats in advance is the most valuable feature in day-to-day work because it helps keep the environment and customers safe. Customers can be notified in advance since they rely on this managed service, making these features very helpful for company-managed services and customers.Rapid7 InsightCloudSec offers advanced notifications, alerts for unknown anonymous logins, and it advises on vulnerabilities with generated reports.
What needs improvement?
Improvements could include providing better human-readable report formats with thorough explanations of CVEs and threats, detailing what can be done to eliminate malicious activities.Currently, an agent is used for every new infrastructure deployment. It would be better going forward to have a host-level automatic discovery feature to reduce those dependencies.At present, it is an agent-based solution, and a host-based solution that does not require agent dependencies would make it easier to work with.
For how long have I used the solution?
Rapid7 InsightCloudSec has been used for the last five-plus years, and it has been a good security tool in both past and current companies.
What do I think about the stability of the solution?
Rapid7 InsightCloudSec is very stable.
What do I think about the scalability of the solution?
Its scalability is highly relevant and adaptable.
How are customer service and support?
The customer support for Rapid7 InsightCloudSec is good, as very prompt responses are received to queries.On a scale of 1 to 10, the customer support would be rated a 10, as responses are typically received within about half an hour to an hour when creating a ticket.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, some open-source tools such as OpenVAS were used.
How was the initial setup?
The pricing, setup cost, and licensing for Rapid7 InsightCloudSec would be described as nominal.
What about the implementation team?
No additional implementation team support is needed at this time.
What was our ROI?
A return on investment has been seen in terms of manpower and money due to its ease of deployment, eliminating the need for multiple people once configuration and installation are standardized, allowing Rapid7 InsightCloudSec to perform its job efficiently.Cost savings have been observed, and when comparing with other customers using different tools, they faced issues with alerts and reports while the environment and customers remain on a safer side with Rapid7 InsightCloudSec.
What's my experience with pricing, setup cost, and licensing?
The pricing, setup cost, and licensing for Rapid7 InsightCloudSec would be described as nominal.
Which other solutions did I evaluate?
Before choosing Rapid7 InsightCloudSec, other options were evaluated, including OpenVAS.
What other advice do I have?
Rapid7 InsightCloudSec creates a user-friendly environment with limited options, while the reporting is well-structured and allows for accurate decision-making. This review has been given a rating of 9 out of 10.
Cloud posture has strengthened and security policies are managed proactively across our environments
What is our primary use case?
Rapid7 InsightCloudSec's main use case for our organization is to maintain our cloud security posture, and we typically depend on a platform named AWS to monitor it and implement all the security features suggested by Rapid7 InsightCloudSec.
Recently, we had a bunch of AWS roles and S3 bucket policies that were overly permissive, which were suggested by Rapid7 InsightCloudSec. After considering their suggestions, we limited the AWS policies and downsized all overly excessive permissions to only what's necessary.
We are also using Rapid7 InsightCloudSec for other use cases, such as managing the whole networking structure of our AWS account, including VPC, subnetting, and ensuring the whole cloud security posture aligns with how it should be.
Recently, we had a bunch of AWS roles and S3 bucket policies that were overly permissive, which were suggested by Rapid7 InsightCloudSec. After considering their suggestions, we limited the AWS policies and downsized all overly excessive permissions to only what's necessary.
We are also using Rapid7 InsightCloudSec for other use cases, such as managing the whole networking structure of our AWS account, including VPC, subnetting, and ensuring the whole cloud security posture aligns with how it should be.
What is most valuable?
Rapid7 InsightCloudSec's best features include the immediate suggestions and support provided, as well as real-time visibility across multiple cloud environments, risk-based prioritization, automated cloud compliance, policy enforcement, and best practices for Infrastructure as Code security.
The automated compliance enforcement has helped our team significantly in cloud infrastructure entitlement management and maintaining the whole IAM governance as well as the container and Kubernetes security postures, plus conducting vulnerability assessments and generating comprehensive reports.
One of the best features is the agentless cloud-native vulnerability management plus cloud workload protection, as Rapid7 InsightCloudSec provides native vulnerability scanning for cloud workloads, containers, and VMs without needing an agent, simplifying deployment and reducing overhead.
It has positively impacted our organization by changing the whole efficiency, especially after updating our patching process to meet the CIS benchmark that was previously under-provisioned. This change uplifted our CIS compliance score. After implementing Rapid7 InsightCloudSec, we increased our CIS benchmark score from 48 to around 88 after addressing missing patches on some VM instances, indicating a significant positive impact.
The automated compliance enforcement has helped our team significantly in cloud infrastructure entitlement management and maintaining the whole IAM governance as well as the container and Kubernetes security postures, plus conducting vulnerability assessments and generating comprehensive reports.
One of the best features is the agentless cloud-native vulnerability management plus cloud workload protection, as Rapid7 InsightCloudSec provides native vulnerability scanning for cloud workloads, containers, and VMs without needing an agent, simplifying deployment and reducing overhead.
It has positively impacted our organization by changing the whole efficiency, especially after updating our patching process to meet the CIS benchmark that was previously under-provisioned. This change uplifted our CIS compliance score. After implementing Rapid7 InsightCloudSec, we increased our CIS benchmark score from 48 to around 88 after addressing missing patches on some VM instances, indicating a significant positive impact.
What needs improvement?
I currently do not have any specific suggestions for improvements, as I am still exploring the full capabilities of Rapid7 InsightCloudSec, but I wish the UI and UX for reporting could be more straightforward, simplifying the process of creating matrices and dashboards.
For how long have I used the solution?
I have been working in my current field for the past three and a half years.
What do I think about the stability of the solution?
Rapid7 InsightCloudSec seems very stable, having been deployed in production systems without causing any issues.
What do I think about the scalability of the solution?
Rapid7 InsightCloudSec is scalable, as it effectively monitors resources regardless of how much we scale up.
How are customer service and support?
I interacted with customer support after an endpoint compromise incident, and they responded quickly and provided clear insights that were essential for resolving the situation.
I would rate customer support a nine, as there is always room for improvement, but they have been generally impressive.
I would rate customer support a nine, as there is always room for improvement, but they have been generally impressive.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We previously used CyberArk and Sysdig, but we switched to Rapid7 InsightCloudSec for its comprehensive monitoring capabilities across our cloud security, as the previous solutions focused on specific areas and we needed a more general approach.
How was the initial setup?
I advise others considering Rapid7 InsightCloudSec to integrate it into their organization. While there may be upfront costs for setup, it pays off in long-term security benefits and risk reduction from breaches.
What was our ROI?
Rapid7 has provided us with a good return on investment, helping us plan migrations from outdated virtual machines to up-to-date, secure systems, which has led to savings in infrastructure costs and reduced the need for a large cybersecurity team.
What's my experience with pricing, setup cost, and licensing?
The pricing has been equivalent to the features provided. While it was not overly expensive, I do wish for more discounts for bulk purchases since we have implemented it widely across our cloud security posture. The setup cost was manageable, and the licensing process is seamless.
Which other solutions did I evaluate?
Before choosing Rapid7 InsightCloudSec, we did not evaluate other options thoroughly. While we had a few POC integrations with Snyk, they were not as effective as Rapid7 InsightCloudSec.
What other advice do I have?
Everything is under control for the cloud security postures at this time. My overall review rating for Rapid7 InsightCloudSec is eight.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Improved response time and visibility through fast scanning and enriched vulnerability data
What is our primary use case?
I use Rapid7 InsightCloudSec for application security and vulnerability management. I often use Rapid7 InsightCloudSec technology to scan internal and external facing systems. The enrichment, particularly the vulnerability enrichment, is superior, and the screens and dashboards are excellent.
What is most valuable?
The fastest scanning is the best feature Rapid7 InsightCloudSec offers. The faster scanning helps me respond to threats quickly in my daily operations. Rapid7's enrichment in terms of vulnerabilities is particularly valuable, as they continue adding new vulnerabilities and capabilities to the system.
The dashboard of Rapid7 InsightCloudSec is very rich and colorful, and I often refer to it for reporting purposes.
Rapid7 InsightCloudSec positively impacts my organization by integrating tightly with my existing vulnerability management process and workflows, particularly in creating a new project and implementing trigger-based scanning.
Time to detect vulnerabilities has improved significantly, which gives me time to mitigate or eliminate them. The vulnerability classification helps me concentrate on which vulnerabilities I need to focus on, rather than dealing with an overwhelming number of vulnerabilities without knowing which ones to address.
The dashboard of Rapid7 InsightCloudSec is very rich and colorful, and I often refer to it for reporting purposes.
Rapid7 InsightCloudSec positively impacts my organization by integrating tightly with my existing vulnerability management process and workflows, particularly in creating a new project and implementing trigger-based scanning.
Time to detect vulnerabilities has improved significantly, which gives me time to mitigate or eliminate them. The vulnerability classification helps me concentrate on which vulnerabilities I need to focus on, rather than dealing with an overwhelming number of vulnerabilities without knowing which ones to address.
What needs improvement?
Rapid7 InsightCloudSec needs to provide more granular search capabilities, such as the ability to search back the last three months. If the platform were equipped with LLM for summarization and other capabilities, it would be really helpful. Automated pen tests would be a great addition.
Regarding integration support, Rapid7 InsightCloudSec broadly integrates with many security technologies, but enabling EDR support would be beneficial, and support for patch management would also be valuable.
Regarding integration support, Rapid7 InsightCloudSec broadly integrates with many security technologies, but enabling EDR support would be beneficial, and support for patch management would also be valuable.
For how long have I used the solution?
I have been using Rapid7 InsightCloudSec for about four years.
What other advice do I have?
In security, there is nothing called a silver bullet, as every technology is rapidly moving. I give this product a rating of 8 out of 10.
Security operations have become faster and collaboration improves through real-time log monitoring and automated alerts
What is our primary use case?
My main use case for Rapid7 InsightCloudSec is log monitoring and vulnerability management for our servers, which are the two main aspects I focus on.
Our applications are hosted on EKS, which send logs to Rapid7 InsightCloudSec, so whatever occurs in our application and whatever logs are coming through, we can see that in Rapid7 InsightCloudSec very quickly. This is one use case where Rapid7 InsightCloudSec helps us significantly, and related to the servers that we have on AWS, we have vulnerability management, so we can see the CVEs of vulnerabilities and we can patch them and fix them immediately. This is how Rapid7 InsightCloudSec helps us.
These are the main aspects of Rapid7 InsightCloudSec that I have used.
What is most valuable?
Rapid7 InsightCloudSec offers a mix of all these advantages, with speed being a key factor. As soon as I patch my server, it immediately reflects in Rapid7 InsightCloudSec console the vulnerabilities, so it is very quick and easy to see what vulnerabilities are present in my server. Related to log management, we previously used Sumo Logic, but Sumo Logic was somewhat complicated, whereas Rapid7 InsightCloudSec is very simple to search for logs, and it also works very quickly.
Rapid7 InsightCloudSec integrations are also really valuable, so we have Rapid7 InsightCloudSec integrated with our AWS instances and also our Slack channels. If a major vulnerability comes in, we get notified in our Slack, which is a significant advantage.
Rapid7 InsightCloudSec has helped us save thirty percent time in our log retrievals, and it completely changed log searching, making it really fast when we search for logs, with no prior knowledge required. This is a big advantage. Vulnerability management has also led to a fifty percent reduction in cyberattacks in our organization when we use Rapid7 InsightCloudSec.
What needs improvement?
I have a suggestion for Rapid7 InsightCloudSec; the interface can be more intuitive and faster, with a cleaner dashboard that includes customizable widgets and somewhat streamlined navigation to improve usability. For a first-time user who starts using Rapid7 InsightCloudSec, it is somewhat complicated to navigate through the UI and search for logs or vulnerabilities, so this is one aspect that could be improved.
Rapid7 InsightCloudSec could also be integrated with third-party tools such as GitLab CI/CD pipelines and cloud-native services such as EKS, which would improve its appeal to DevOps and cloud teams. Rapid7 InsightCloudSec already provides us real-time feedback loops, but if it also provides real-time feedback to the developers, then it would help the application shift left, meaning the security will shift left as well.
For how long have I used the solution?
I have been using Rapid7 InsightCloudSec for the past four years.
What do I think about the stability of the solution?
I have not faced any limitations with my data volume regarding the stability of Rapid7 InsightCloudSec.
Which solution did I use previously and why did I switch?
We were previously using Sumo Logic for log management, but for threat assessment, we have always used Rapid7 InsightCloudSec. However, for log management, Sumo Logic required query language and skills, taking up significant time to query as well, which is why Rapid7 InsightCloudSec helps us there.
What was our ROI?
Based on return on investment metrics, Rapid7 InsightCloudSec has helped us save thirty percent time in log searching and fifty percent time in vulnerabilities. With automated vulnerability detection, Rapid7 InsightCloudSec helps teams reduce the time by thirty to fifty percent, which directly cuts exposure time and lowers risk. By catching issues early, Rapid7 InsightCloudSec helps us prevent costly breaches or regulatory fines; for example, automating patching and misconfiguration audits can save thousands in operational overhead, while pre-built compliance reports and container monitoring eliminate manual audit prep, cutting audit preparation by forty to sixty percent.
Which other solutions did I evaluate?
Before choosing Rapid7 InsightCloudSec, I evaluated different options, considering many available solutions, with Tenable being one of them due to its strong vulnerability scanning and compliance checks, but its UI is not as intuitive.
What other advice do I have?
Rapid7 InsightCloudSec helps us collaborate in many ways, with the first being the shared dashboard and reporting, as teams can build and share real-time dashboards or schedule reports across security, DevOps, and management. The second is the ticketing and alert integration, where Rapid7 InsightCloudSec integrates with tools such as Jira, ServiceNow, and PagerDuty, enabling automatic creation of tickets. The third is the role-based access, allowing different teams to get tailored access, helping them focus on the data relevant to them while maintaining compliance and accountability.
Rapid7 InsightCloudSec helps with compliance or regulatory requirements in my organization by using tools such as InsightVM to continuously scan my environment for vulnerabilities and misconfiguration, which ensures the assets stay in line with compliant frameworks such as SOC 2 and GDPR. It offers out-of-the-box customizable compliance reports that map directly to regulatory controls, making audits faster and less painful by showing evidence of adherence and required security practices. All the security event scans and remediation actions are logged, creating a detailed audit trail that auditors appreciate and helping to prove due diligence and continuous compliance over time.
Rapid7 InsightCloudSec is a powerful and reliable security platform with strong capabilities in vulnerability management and threat detection. The agent-based scanning, dashboarding, and prioritization engine are very effective, especially in a hybrid cloud environment. There is room for improvement such as UI responsiveness, scan performance at scale, and deeper CI/CD integration, which would enhance the overall offering. I would rate Rapid7 InsightCloudSec as an eight out of ten.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Provides detailed vulnerability insights that lead to faster issue remediation and better risk mitigation
What is our primary use case?
In my role, my main use case for Rapid7 InsightCloudSec is for vulnerability management, where I scan my machines to see zero-day vulnerabilities and receive remediation tactics recommended by Rapid7 after scanning different vulnerabilities, thus providing insights or recommendations on how to tackle them.
Pen testing is another use case where we have assets enrolled with Rapid7 agent. We scan those assets in batches because our company is very large, creating groups based on specific IP addresses and scheduling scans accordingly.
What is most valuable?
The best features Rapid7 InsightCloudSec offers include the dashboard, which gives me an oversight of everything happening in my environment, from vulnerabilities to risks and asset numbers, all presented in simple terms for visualization and decision-making.
The layout of the dashboard is what I appreciate most because it displays information in an easy-to-understand format and is easy to navigate, providing an overview summary of everything that I need to know without navigating through different tabs.
Regarding the reporting feature of Rapid7 InsightCloudSec, I appreciate that it allows me to manipulate the report to my own specifications, as the reporting structure is very broad and interesting. The features involved in the reporting structure are very good, allowing me to tailor the report to my own requirements easily, even selecting only the columns I want. I can also set automatic alerts and integrations, such as the console we could use to integrate between Rapid7 InsightCloudSec and ManageEngine, although it was still a work in progress requiring some manual handling on our part.
Using Rapid7 InsightCloudSec alongside our ManageEngine patch management module positively impacts my organization by scanning assets deeply and providing all identified vulnerabilities, from zero-day to any vulnerabilities on an asset, addressing those that ManageEngine might not identify.
What needs improvement?
I would say that because Rapid7 InsightCloudSec does not have automatic patching capabilities, it provides recommendations, but it does not execute anything from within Rapid7 InsightCloudSec. It highlights ways I can use to tackle those vulnerabilities, so we integrate it with ManageEngine, which has a patch management module, and utilize those two systems hand in hand to remediate identified vulnerabilities.
My colleagues have mentioned that having a feature in Rapid7 InsightCloudSec to remediate vulnerabilities scanned from within the console would be helpful. They note that while ManageEngine allows for automatic patching, it would be beneficial for Rapid7 InsightCloudSec to provide a similar feature to make the process more streamlined, rather than having to remediate vulnerabilities manually.
For how long have I used the solution?
I have been with my current company for the past six months, since May.
What do I think about the stability of the solution?
Rapid7 InsightCloudSec is very stable, performing well without any issues.
What do I think about the scalability of the solution?
The scalability of Rapid7 InsightCloudSec is excellent; I have not experienced performance issues as I add more assets, and everything operates smoothly within one console.
How are customer service and support?
I have not encountered any significant issues requiring external support for Rapid7 InsightCloudSec, but if such a need arises, I anticipate that contacting them would yield a timely response, as I have engaged with their solution.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We previously utilized ManageEngine and switched to Rapid7 InsightCloudSec because ManageEngine scans assets but does not deeply scan for vulnerabilities. Rapid7 InsightCloudSec offers concrete vulnerability assessments that ManageEngine lacked and provides multiple options for addressing identified vulnerabilities, unlike ManageEngine which limits decision-making on patch deployments.
What was our ROI?
I can confirm money and time savings with Rapid7 InsightCloudSec, as we can scan the entire IP range simultaneously instead of manually checking each asset for vulnerabilities, reducing the need for technicians to move around the organization and thus saving significant time.
What's my experience with pricing, setup cost, and licensing?
The pricing, setup cost, and licensing for Rapid7 InsightCloudSec are reasonable, and since our organization is growing, I have observed that the more numbers you have, the less costly the product becomes, as licensing operates on volume. Additionally, setup is easy since everything is on the cloud, requiring only the deployment of the agent on machines from a GPO perspective.
Which other solutions did I evaluate?
We did not evaluate other options before choosing Rapid7 InsightCloudSec as our research indicated it met our needs, making it the best choice from day one.
What other advice do I have?
I would recommend that others considering Rapid7 InsightCloudSec assess their organizational needs to determine what they want to achieve with it. If they operate in a fast-paced environment with many assets, I definitely recommend Rapid7 InsightCloudSec for streamlining operations and reducing manpower needs. I gave this product a rating of 9 out of 10.
Reduces security incidents and simplifies daily log and vulnerability management tasks
What is our primary use case?
My main use case for Rapid7 InsightCloudSec is vulnerability management, where I can see the vulnerable servers and the vulnerabilities related to them so that I can patch and fix them. The next use case is log management, which I am currently using as well. We have applications where we collect logs from those applications, and that is also being done in Rapid7.
For vulnerability management, I use Rapid7 InsightCloudSec in my daily workflow by discovering multiple servers in our AWS accounts. Those AWS servers are discovered in Rapid7, and I can see the vulnerability, the CVE numbers, and all the critical vulnerabilities related to them so that I can fix them and we can stop cyber attacks or attacks related to those vulnerabilities before they happen. This is how it helps us in vulnerability management.
I also use Rapid7 InsightCloudSec as log management, so all our EKS clusters and every application send logs to Rapid7, making it very quick to search for logs, which is a useful aspect of Rapid7 InsightCloudSec.
What is most valuable?
The best features of Rapid7 InsightCloudSec, in my opinion, are log management, application security, vulnerability management, SIEM, and attack surface management.
Out of those features, I find myself using log management and vulnerability management the most because I want to stay on top of all the vulnerabilities and get them fixed before they cause us any harm. This is the one thing that I use very extensively. The other one is log management to view the logs from my applications and see who has what access to everyone in our AWS account. Rapid7 InsightCloudSec helps us in these areas.
Rapid7 InsightCloudSec has positively impacted our organization, as log management and vulnerability management in our company improved significantly. We have remediation for the vulnerabilities, and the fixes are there, making it very easy to navigate. The log management is also very fast, so overall, it has helped us a lot.
It has reduced the number of security incidents that used to happen by 40%, and the log management time has been reduced by 20 to 30%. Previously, we were using Sumo Logic for log management, but this new log management is quite good, which has helped us save 20% time and 30% cost.
What needs improvement?
Rapid7 InsightCloudSec can be enhanced by improving the UI/UX. The interface could be more intuitive and faster. A new dashboard with customizable widgets and streamlined navigation would improve usability, especially for managing multiple environments or reports.
The overall UI/UX needs improvement, as performance and speed can also become a concern when scaling large environments or pulling reports, which can sometimes lag. This can impact teams that rely on real-time or near-real-time data. Optimizing backend performance and offering more granular control over scans could be an improvement. Additionally, if Rapid7 InsightCloudSec could support more third-party tools or modern CI/CD pipelines, integrating it into my developer workflow would reduce time to fix and foster a shift-left security mindset.
For how long have I used the solution?
I have been using Rapid7 InsightCloudSec for the past four years.
What other advice do I have?
That covers everything regarding the features. I would rate this review an 8 out of 10.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Rapid detection of vulnerabilities has improved remediation speed and reduced exposure
What is our primary use case?
My main use case for Rapid7 InsightCloudSec is scanning the agents and finding which vulnerabilities are reported from those servers. Rapid7 InsightCloudSec itself provides suggestions on what remediation steps need to be taken, so accordingly, we can act on those.
A specific example of how I use Rapid7 InsightCloudSec for scanning and remediation in my day-to-day work is that Rapid7 InsightCloudSec agents installed on each server run every four hours a day. During those periods, they do a complete scan of the server, reporting the details they find to Rapid7 InsightCloudSec console. In that dashboard, everything is displayed, so whenever a user needs to check a specific server, they can see the dashboard and find out all the vulnerabilities showing from that server. We can also do an ad hoc scan whenever we need, which is also possible.
Rapid7 InsightCloudSec is hosted on-premises in my organization.
What is most valuable?
Rapid7 InsightCloudSec's best features include its ability to detect vulnerabilities immediately whenever they are released. It is able to point out the specific file that has been reported and provide corresponding solutions, offering these insights within a short time period. That is the major advantage I have found.
Rapid7 InsightCloudSec helps to find the vulnerabilities in the servers very quickly, which is a significant positive impact on my organization. That is the major thing.
The speed of detection with Rapid7 InsightCloudSec has improved the remediation time significantly; whenever a vulnerability is released, it gets addressed within a few days. Therefore, exposure to such threats in our environment has lowered compared to previous statistics.
Whenever a vulnerability gets reported, within six hours, Rapid7 InsightCloudSec is able to get those details and scan our servers to determine if a particular file has been affected or not. That is the time frame it usually takes.
Rapid7 InsightCloudSec has a great user-friendly dashboard. From the home page itself, all the host details and the number of vulnerabilities reported from the entire environment are displayed. Additionally, we can download reports for each server or a group of servers, and we can scan each server whenever we need, which has also been recently introduced. Everything is great.
What needs improvement?
From the dashboard perspective, if more details can be introduced, it would be helpful. During scans, it currently takes a lot of time to scan the servers and generate reports. Reducing this delay would greatly improve the experience.
Integrating with other day-to-day tools could also be beneficial.
For how long have I used the solution?
I have been using Rapid7 InsightCloudSec for about five years.
What do I think about the stability of the solution?
Rapid7 InsightCloudSec is stable.
What do I think about the scalability of the solution?
Rapid7 InsightCloudSec has great scalability.
How are customer service and support?
Rapid7 InsightCloudSec's customer support provides all the requirements and details we need in a timely manner, so they are very supportive.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
Previously, we used another tool, but moving to Rapid7 InsightCloudSec has helped a lot. Detecting vulnerabilities and staying informed about threats has become much easier.
What was our ROI?
Rapid7 InsightCloudSec has helped significantly with cost savings, so much money has been saved when using it.
What's my experience with pricing, setup cost, and licensing?
I don't have much role in pricing, setup cost, or licensing; those decisions are taken by our senior management.
Which other solutions did I evaluate?
There are plenty of other tools available, such as CrowdStrike and Endpoint, which we considered before finally deciding on Rapid7 InsightCloudSec.
What other advice do I have?
Rapid7 InsightCloudSec is a great product, and I suggest it to everyone. It will provide a great experience using this tool. I would rate this product 9 out of 10.
showing 1 - 10