Action1 is an autonomous endpoint management platform that is cloud-native, scalable, and configurable in 5 minutes. It is free for the first 200 endpoints, with no functional limits. By pioneering autonomous OS and third-party patching - AEM’s foundational use case - through peer-to-peer patch distribution and real-time vulnerability assessment without needing a VPN, it eliminates costly, time-consuming routine labor, preempts ransomware and security risks, and protects the digital…
N/A
Rapid7 InsightVM
Score 8.9 out of 10
N/A
InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also offers advanced remediation, tracking, and reporting capabilities not included in Nexpose.
$19
per GB
Pricing
Action1
Rapid7 InsightVM
Editions & Modules
No answers on this topic
Log Management
$19
per GB
Vulnerability Management
$22
per asset
insightIDR
$52
per asset
Application Security
$2,000
per app
insignConnect
Contact sales team
Offerings
Pricing Offerings
Action1
Rapid7 InsightVM
Free Trial
No
No
Free/Freemium Version
Yes
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
Optional
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Action1
Rapid7 InsightVM
Features
Action1
Rapid7 InsightVM
Threat Intelligence
Comparison of Threat Intelligence features of Product A and Product B
Action1
-
Ratings
Rapid7 InsightVM
7.4
Ratings
7% below category average
Network Analytics
00 Ratings
5.30 Ratings
Threat Recognition
00 Ratings
7.00 Ratings
Vulnerability Classification
00 Ratings
9.30 Ratings
Automated Alerts and Reporting
00 Ratings
9.30 Ratings
Threat Analysis
00 Ratings
7.40 Ratings
Threat Intelligence Reporting
00 Ratings
7.00 Ratings
Automated Threat Identification
00 Ratings
6.70 Ratings
Vulnerability Management Tools
Comparison of Vulnerability Management Tools features of Product A and Product B
For small teams having to deal with significant ammount of devices, I can't express how useful Action1 is. With very small effort, you can easily keep track of your devices, keep them up to date, deploy new software to your users, create recurring reports/alerts and so on. Initially, the 100 endpoints for free was also a nice touch. Now, even better since they increased to 200. For the forseeable future, I have not to worry about costs and still can't believe it's a full solution for free, not those freeware stuff where what you really desire is behind a cost.
I think Rapid7 InsightVM is well suited for large enterprise customers with a lot of assets. It integrates well with a number of different ITSM solutions which I think is very good. There are not many CIS benchmarking tools on the market and Rapid7 InsightVM does a very good job at benchmarking. I think where Rapid7 InsightVM falls down a little is on false positive vulnerabilities. Sometime you there a few positive results on vulnerabily discovery. Tuning the settings for scan engines can sometimes be trick as well.
The API is also a great tool for us to automate lots of routine procedures like scan and report of asset(s) BY EMAIL.
Tagging. It helps sort out results and reports for respective assets Owner for remediation without a lengthy report including unnecessary information for that particular team.
SQL Reporting. It provides advanced reporting and export capabilities that you can not find in the stock report template.
Lots of times Action1 will identify a program that needs to be patched, but then not really have a path laid out to get that done...so they just remain as they are, but are tagged as such.
Really wants to replace the windows update mechanism. Resists (or did at least) you if you try to keep updates as they are and update occasionally from Action1
Could develop the scripts section a bit more, looked pretty sparse last time I checked it out.
Devices found and scanned are never removed. Removal must be done manually with no option for automation.
The database can be fragile. Ours quietly corrupted and progressively degraded until we had to restore and lose 6 months of data. Still didn't fix it and had to be rebuilt again losing all data.
Workflow for delegating remediation is supposed to be helpful, but can also become cumbersome.
Scheduling can become a nightmare if not monitored closely. We found jobs had failed to run because the server had gone offline. When the server came online, it did not try to run missed jobs. Running missed jobs all at once can overload the server, but searching for and launching a large number of missed jobs manually is a pain.
Agent deployment is simple (and silent) - once that is done, you're good to go. Everything is simple, centralized and very easy to work with. There isn't one aspect of this platform that requires crawling over forums and Google, it just works!
While I think it is a great tool and platform, I believe it (like all tools and solutions) is always evolving and the needs for clients are changing as the industry evolves and threats are upgraded. Cost is good, and support is helpful. Some things could be more granular and others could be easier to understand
I gave it a seven due to the functionality and general ease of use after the initial setup headaches, but compared to Qualys, Rapid7 Nexpose falls short on features and ease of use. Their support drags this rating down a point as well. I have gone weeks with no update on semi-critical issues and typically have to make call after call to get a semi-coherent response.
After looking at different solutions, Action1 [Cloud Remote Monitoring and Management Solution] was the perfect fit for us that delivered all of the features we wanted without being as costly as some of the others alternatives we've looked at. There was no minimum endpoint count and they even offer up to 50 endpoints for free, which is really great for a small organization like us to help us lower our starting costs and still allows us to grow at our pace without having to commit to a defined amount of endpoints to start.
I think Tenable is very comparable and they are both leaders in this space. I evaluated both of them side-by-side and ultimately decided to go with Rapid7. Tenable did have a slight edge on the amount of information I was getting from the machines, but I landed on R7 because I found the features of the InsightVM tool to be more useful. They both get the job done, but I found InsightVM a better experience to use on a day-to-day basis and had better quality of life features that I was looking for.
Saved hours per week on patching and able to ensure a 100% patching success rate.
Able to create custom alerting on potential problems as well as able to create some automation to automatically address problems.
Improved support to our remote locations and users.
Custom deployments allow us to have a mechanism to deploy custom applications we build as well as other third party applications we need to distribute.
It certainly has a more positive impact than negative impact while performing the scans. Nexpose can find report vulnerabilities that our other scanner fails to identify during the scan because of its defined scan templates.
Also, even if the scan is not being performed due to some issues like reachability, whitelisting, etc. it will try to give scan results unlike QualysGuard which just marks the asset as unreachable.