The Rapid7 Insight platform, launched in 2015, brings together Rapid7’s library of vulnerability research, exploit knowledge, global attacker behavior, Internet-wide scanning data, exposure analytics, and real-time reporting to provide a fully available, scalable, and efficient way to collect your vulnerability data and turn it into answers.
InsightVM leverages this platform for live vulnerability and endpoint analytics. Thousands of customers have been using this solution since June of 2016 when it was released in BETA as “Nexpose Now”. On April 11, 2017 all of the functionality in Nexpose Now became GA and the solution was rebranded InsightVM to reflect the exciting innovation available today and tomorrow via cloud-powered features and functionality.
Four key reasons:
InsightVM will continue to make use of our Insight Platform for cloud analytics and features; this includes more dashboard cards, endpoint querying, and in-product integrations with both Rapid7’s and other leading security provider’s tools
No. In fact we will upgrade any Nexpose edition users to Nexpose (formerly known as Nexpose Enterprise), our most robust and feature-rich on-premise VM solution. At the same time, we’ve simplified all Rapid7 VM licensing (FKA Nexpose Enterprise, Ultimate, Express, or Consultant) into two options: Nexpose or InsightVM.
Nexpose Enterprise users will see no changes and all other Nexpose users will have access to premium features including reporting capabilities, asset tagging, risk score, etc.
InsightVM includes all features found in Nexpose Enterprise, including our traditional on-premise scan engines, plus as part of the Rapid7 Insight Platform, users get Exposure Analytics, live dashboards, a unified agent across all Insight products, remediation workflow planning, in-product integrations, and more .
Additionally, InsightVM has a subscription-pricing model.
InsightVM provides live dashboards which you can fully customize and query for any person in your organization, whether they’re a CISO or sys admin; Insight Agents for continuous monitoring that also pairs with InsightIDR for UBA/Incident Detection and Response assessment; and Remediation Workflow for assigning and tracking remediation projects live within Nexpose, making it easier to work with IT to get things fixed. InsightVM also has several in-product integrations such as ticketing, and most future integrations (as well as current Nexpose integrations) are being converted into in-product integrations for easier setup.
Rapid7 Insight Platform has been servicing customers for nearly three years, and now has thousands of customers analyzing logs, user behavior, deceptions, vulnerabilities, and more. Our rigorous and certified security processes, as well as those of our certified cloud partner, Amazon AWS, allows us to provide significant security controls and risk assurance. For more information, data, and technical whitepapers please visit rapid7.com/trust.
First, you should review rapid7.com/trust for information on our privacy and security controls, including technical white papers that our customers have used to make the move to cloud. If the time is still not right, Nexpose will continue to receive frequent feature enhancements and improvements, such as new vulnerability and policy content.
You will be converted to InsightVM since it is the same product you are using today, at the time of your next renewal and/or at your convenience. Note that as time goes on, the InsightVM roadmap will begin to diverge from existing Nexpose Enterprise/Ultimate capabilities, as many new features will not be supported on legacy licenses.
Nexpose Express users will be upgraded to Nexpose (FKA Nexpose Enterprise); Consultant customers will renew their consulting license per usual. Those products will eventually be end-of-lifed, at a to-be-determined date, once customers have migrated during their scheduled renewal cycle.
Nexpose (FKA Nexpose Enterprise) will equip Express and Consultant users with added functionality to enable them to get more out of their vulnerability management program. This includes discovery scanning, unlimited scan engines, role based access control, and policy assessment, among other features previously only available in Nexpose Enterprise.
InsightVM provides live dashboards which you can fully customize and query for any person in your organization, whether they’re a CISO or sys admin; Insight Agents for continuous monitoring that also pairs with InsightIDR for UBA/Incident Detection and Response assessment; and Remediation Workflow for assigning and tracking remediation projects live within Nexpose, making it easier to work with IT to get things fixed. InsightVM also has several in-product integrations such as ticketing, and most future integrations (as well as current Nexpose integrations) are being converted into in-product integrations for much easier setup
No; your configuration settings will be unchanged; the only thing you’ll need to do is to make sure InsightVM can connect to our cloud platform
No; all scan schedules and configurations will remain in place
Yes; historical vulnerability data will still be available, and will be uploaded to the cloud platform for analytics with InsightVM
No; all current integrations will continue to be fully supported in both InsightVM and Nexpose. In fact, part of the benefits of InsightVM is that we will be able to start integrating these tools directly into the product UI, starting with JIRA ticketing integration. If any issues do arise, be sure to contact Rapid7 support.
Customers will need to accept our new terms of service when they transition to InsightVM. The differences are minimal and what you would expect from a cloud product terms of service; if you have any questions please contact your Customer Success Manager.
All customers will be able to upgrade to InsightVM or Nexpose at renewal time for no additional cost beyond their current renewal rate.
Great! Simply go to https://www.rapid7.com/products/insightvm/upgrade and fill out the form; your Customer Success Manager will provide you with a new license key for InsightVM. Once you receive it, change the license key in your current install to the new one and your console will update to InsightVM.