InsightVM (Nexpose) Reviews & Product Details

I like InsightVM’s clear, actionable risk scoring and live dashboards that keep asset exposure prioritized and up to date. Review collected by and hosted on G2.com.

Some scans and dashboards can feel heavy at scale, and custom reporting and tagging rules sometimes require extra tuning to get right. Review collected by and hosted on G2.com.

InsightVM offers real-time visibility into the entire network, enabling continuous monitoring and immediate detection of vulnerabilities as they appear.

It integrates seamlessly with various other security tools and systems, such as SIEMs, ticketing systems, and DevOps tools, facilitating a more streamlined security workflow.

The tool supports automated remediation workflows, which can significantly reduce the time and effort required to address vulnerabilities. Review collected by and hosted on G2.com.

You will get dificulty during initial setp as the setup is complex.

Cost is very high to compair to other tool.

Some users have experienced false positives in the scan results, which can lead to unnecessary remediation efforts and wasted resources. Review collected by and hosted on G2.com.

Vulnerability views

Reporting

Dashboards

Tons of threat intelligence and research data integrated with the product by Rapid7. Stuff like Metasploit DB, AttackerKB and project Heisenberg are some of the best integrations.

Remediation Projects

Risk Scoring - the new Active Risk Scoring is awesome.

Scan Assistant (probably the best service for vuln scanning) Review collected by and hosted on G2.com.

The security console is a lot buggy.

Native Jira integration is not really native. Breaks all the time.

Sometimes it takes days to identify some vulnerabilities which is a major drawback especially for critical vulnerabilities (Jetbrains TeamCity CVSS10 vuln is one example, took it 3 days to identify vulnerable assets)

Too much administrative efforts to setup stuff. Review collected by and hosted on G2.com.

I have been using this product for more than 6 years and it's the best product for vulnerability management. They keep track of all zero-days and update their database against all newly listed CVEs within 24 hours. It offers an all-in-one dashboard with multiple widgets Review collected by and hosted on G2.com.

Integration with extrenal ticketing tool is limited Review collected by and hosted on G2.com.

InsightVM is providing Agent based scanning which helps us alot, apart from that Dashboard

is also very cool and helps alot in easily go throught the stats. Review collected by and hosted on G2.com.

There is nothing to dislike apart from Memory consumption is sometimes getting very high. Review collected by and hosted on G2.com.

InsightVM efficiently manages our cloud workloads through its robust agent installation. We can overview and scan all our images at various stages in deployment. We can also identify potential risks and prioritize handling vulnerabilities in our infrastructure. Since it is an agent-based platform, we can conveniently focus on our enhancements and let InsightVM take care of the underlying dependencies. Review collected by and hosted on G2.com.

We need to keep track of our resource consumption & take suitable approaches for optimization. This can be tedious while working on InsightVM, but with adequate exposure, it's possible to make the best out of its functionalities. We can build a resilient infrastructure to meet security compliances in our SDLC with InsightCM. Review collected by and hosted on G2.com.

Easy to manage, good capabilities, agent and network scan works as intended. A good way to remediate vulnerabilities using Remediation projects and set proper Goal and SLAs. A good reporting available to use Review collected by and hosted on G2.com.

Managing multiple scan jobs and tagging of assets as not granular for very big enterprise organizations. Some network scans can cause network issues for the endpoints. Review collected by and hosted on G2.com.

I've used this product for more than a year, and I can state with pride that it makes vulnerability management incredibly simple. Comparatively speaking to other solutions on the market, the UI is user-friendly and simple to comprehend. This tool makes it crystal evident where the weaknesses are and what needs to be given top priority. For the vulnerability and patch management team, this tool is highly helpful. Review collected by and hosted on G2.com.

One thing I found so far that Search feature is a bit slow. Review collected by and hosted on G2.com.

Real risk score based (holistically: vulnerability x asset context), agent and engine, assisted SCCM patching, hardening check, remediation projects, SLAs Review collected by and hosted on G2.com.

GUI is immature and inconsistent, Query builder is limited (you would need additional data lake software: Splunk, Power BI etc.), expensive Review collected by and hosted on G2.com.

Remediation projects helped a lot in assigning open findings with stakeholders and tracking in live. Assets tagging is another feature that helped me bifurcate and categorized my assets basis their criticality and exposure. Review collected by and hosted on G2.com.

Memory consumption sometimes is at its peak. Apart from that, compared to other VM tools it has enough features with other tool even dont have as a whole solution. Review collected by and hosted on G2.com.