Rapid7's InsightVM is a designed to assess risk across your network and has the ability to bring all of your vulnerability information to a modern dashboard. InsightVM c can conduct regularly scheduled vulnerability scans of network devices, as well as integrate with container registries, AWS, Azure, DHCP, and VMWare to automatically discover new devices or containers as they're added to the network. Once a new device is discovered, "Automated Actions" in InsightVM automatically assess and categorize the asset. Finally, InsightVM can import penetration testing results from Metasploit Pro, Rapid7's penetration testing solution, to validate vulnerabilities and prioritize easily exploited assets for remediation; Metasploit Pro can also kick off scans in InsightVM via the API.
For this review, Rapid7 shipped us a nice 2U appliance that we were able to mount in the rack and start the testing process. When the system booted up, there was a familiar Linux command line interface that we set the IP address on and confirmed a few other settings. Once that was done, we accessed the management IP from a web browser and were ready to set things up. The web interface is very clean and has a lot of data points available. Sections and tabs are well labeled and clicking through was smooth. There didn't seem to be much latency while pages loaded. During the setup process we did have some initial difficulties setting up an asset scan, this wasn't as intuitive as we'd expect it to be from a veteran player in this space. Once the asset scan was running, everything was smooth.
The solution comes preloaded with many prebuilt templates for various regulatory compliance audits. InsightVM utilizes a "real risk score" that incorporates CVE and CVSS base scores along with other factors (malware exposure, exploit exposure and age of the vulnerability) to come up with an individual risk score 1-1000 that is much more granular than a "low-medium-high-critical" type scale. InsightVM also has integrations with threat feeds to allow the toolset to prioritize vulnerabilities that are most likely to be used in an attack.
Rapid7 has a robust API that can be leveraged to pull data into your existing management tools such as JIRA, ServiceNow, CyberARK and can even be leveraged with Metasploit Pro. These RESTful API and in-product integrations are a huge help in automating your vulnerability management program.
Rapid7 has a good amount of detailed support content on their web portal, you can find pretty much everything you'd need with a few quick searches. They have a highly active discussion board that has a wealth of knowledge for other users as well. If you still find yourself stuck, you can reach out to them 24x7 and submit a ticket via phone or email. They bundle basic 24x7 support with the product, so you won't have any hidden fees there. If you are in need of additional support, you can upgrade to their "SuperSupport" option for an additional $25,000.
With pricing starting at $25 per asset, this is a very affordable option for a solid enterprise-grade vulnerability management toolset. At this price point, this tool is now available to organizations of all sizes.
Tested by Michael Diehl and Matt Hreben