Rapid7 InsightVM is a vulnerability management tool that offers continuous visibility into security risks across a network. It equips IT teams to detect, prioritize, and remediate vulnerabilities. By providing real-time data, InsightVM helps organizations identify security weaknesses before they can be exploited by attackers.
In addition to its core vulnerability management functions, InsightVM integrates with various IT environments. It offers a cloud-based platform that enables scalability and accessibility, allowing users to manage security risks. The platform’s analytics and reporting capabilities make it useful for organizations seeking to improve their security posture.
This is part of a series of articles about cybersecurity tools (coming soon).
The Rapid7 Insight Agent is a tool for continuous data collection from endpoints across an organization. Unlike traditional scanning methods, the Insight Agent operates in real time, gathering data even from assets that are difficult to scan actively. These include devices used by remote workers, systems that rarely connect to the corporate network, or sensitive assets that cannot be subjected to frequent scans.
Traditional software dashboards provide static snapshots that quickly become outdated. InsightVM’s Live Dashboards offer dynamic, real-time visibility into the organization’s risk landscape. These dashboards allow security teams to track progress, monitor trends, and explore data. Users can create views tailored to the needs of various stakeholders, from system administrators to executives like CISOs. The dashboard cards can be queried in plain language.
CVSS scores often result in thousands of vulnerabilities being flagged as critical, leaving security teams overwhelmed and unsure where to focus their efforts. The Active Risk Score provides an actionable approach by assigning each vulnerability a score from 1 to 1000. This score is based on the likelihood that a vulnerability will be exploited in a real-world attack. It incorporates data from threat intelligence feeds, including Rapid7’s proprietary research from resources like Project Lorelei and AttackerKB.
Managing remediation workflows can be cumbersome, often involving lengthy reports, manual tracking, and inefficient communication between security and IT teams. InsightVM’s IT-Integrated Remediation Projects transform this process by providing a centralized platform for assigning, tracking, and managing remediation tasks in real time. Security teams can create projects that include vulnerabilities to be addressed and assign them directly to IT personnel. These tasks are then integrated into IT’s existing workflows, such as ticketing systems.
InsightVM integrates with Rapid7’s Project Sonar, which continuously scans the public internet to identify exposed assets and vulnerabilities. This provides organizations with valuable insights into their external attack surface, including unmanaged or unknown assets that could pose security risks. By leveraging this data, security teams can ensure that they have a complete inventory of all external-facing systems.
Related content: Read our guide to threat hunting tools
Rapid7 InsightVM offers volume-based pricing, tailored to the number of assets an organization needs to monitor. The pricing model starts at $1.93 per asset per month when managing 500 assets, amounting to approximately $23.18 per asset annually. This pricing assumes a minimum commitment of 512 assets and requires annual billing.
The platform provides scalability, making it suitable for organizations of varying sizes. For larger environments with over 1,250 assets, volume discounts are available. For specific requirements or detailed cost breakdowns, customers can request a personalized quote.
In addition to the vulnerability management capabilities, the pricing includes features such as on-premises and remote endpoint assessments, unlimited scanning capabilities, attacker-based risk scoring, IT-integrated remediation tools, and access to Rapid7’s integrated threat intelligence feeds.
While Rapid7 InsightVM is a vulnerability management solution, it does come with several limitations that organizations should consider. These limitations were reported by users on the G2 platform:
To install InsightVM on a Linux system, you will need:
1. Disable SELinux: Open the file /etc/selinux/config with a text editor. Locate the line starting with SELINUX= and change its value to disabled. Save the changes and reboot the system using:
shutdown -r now
2. Verify the Installer: Download the installer and the checksum file. Validate the file using:
sha512sum -c <installer_file_name_checksum_file>
Ensure the checksum matches. If successful, you will see an “OK” message.
3. Make the Installer Executable: Grant execution permissions –
chmod +x <installer_file_name>
4. Run the Installer: Execute the installer with –
./<installer_file_name>
Follow the prompts to complete the installation.
Check the Security Console service is running using the following command:
sudo systemctl status nexposeconsole
If not, please start it using this command:
sudo systemctl start nexposeconsole
You can access the security console by browsing to http://<YOUR IP OR HOSTNAME>:3780. Upon first access, you will be taken to the following:
Once installed, the Security Console provides an overview of the IT environment. Key areas of the home page include:
1. Default Dashboard Panels
2. Filtered Asset Search: Filter scanned assets by parameters like vulnerability severity, location, or operating system. This is essential for identifying high-risk assets or creating targeted reports.
3. Create Dropdown: A shortcut for tasks like creating new sites, asset groups, or reports.
4. Calendar: Displays all scheduled scans and reports, allowing you to manage timing and avoid conflicts.
From the home page, follow these steps.
Define a Site
Configure Authentication
Perform a Full Scan
Coralogix sets itself apart in observability with its modern architecture, enabling real-time insights into logs, metrics, and traces with built-in cost optimization. Coralogix’s straightforward pricing covers all its platform offerings including APM, RUM, SIEM, infrastructure monitoring and much more. With unparalleled support that features less than 1 minute response times and 1 hour resolution times, Coralogix is a leading choice for thousands of organizations across the globe.