InsightVM FAQ

Frequently Asked Questions

  • What is InsightVM?

    The Rapid7 Insight platform, launched in 2015, brings together Rapid7’s library of vulnerability research, exploit knowledge, global attacker behavior, Internet-wide scanning data, exposure analytics, and real-time reporting to provide a fully available, scalable, and efficient way to collect your vulnerability data and turn it into answers.

    InsightVM leverages this platform for live vulnerability and endpoint analytics.  Thousands of customers have been using this solution since June of 2016 when it was released in BETA as “Nexpose Now”. On April 11, 2017 all of the functionality in Nexpose Now became GA and the solution was rebranded InsightVM to reflect the exciting innovation available today and tomorrow via cloud-powered features and functionality.

  • Why did Rapid7 decide to launch InsightVM?

    Four key reasons:

    • 1.  Add vulnerability management to our proven and award-winning solutions already on the Insight Platform.
      1. The Insight Platform, introduced in 2015, now houses Rapid7 solutions for vulnerability management, incident detection & response, application security (BETA), IT analytics & optimization, and reporting from our global services. The ability for multiple applications to share data, research, and analytic processing allows Rapid7 customers to leverage not only a ‘one-stop shop’ experience, but also reduce the overall total cost of ownership (TCO) inherent in on premise analytic-driven solutions.
    • 2.  Provide live monitoring of your full environment including all endpoints and your own cloud infrastructures.
      1. By upgrading Nexpose Now to InsightVM, Rapid7 has announced all functions are generally available and means:
        1. • InsightVM Live Monitoring is always-on, allowing you to automatically collect, monitor, and analyze your network for new and existing risk, and provide your IT and Security teams with the right answers to do their jobs more efficiently
        2. • InsightVM leverages the Rapid7 Insight Agent, Rapid7 Internet-wide scan research (Project SONAR), and Adaptive Security to identify new risks immediately as they enter your network.
        3. • InsightVM now provides full coverage of your network, all the way to the endpoints and your own dynamic cloud and virtual infrastructures.
    • 3.  Furnish a flexible and scalable subscription-pricing model to fit the needs of all customers.
      1. Rapid7 recognized that customers moving to a cloud-powered solution are better served with a simplified subscription-licensing model.
    • 4.  Individual innovative roadmaps to continue innovating InsightVM and Nexpose.
      1. The introduction of InsightVM provides individual roadmaps and development tracks for both InsightVM and  Nexpose. This is an ideal scenario for speeding up feature delivery and streamlining the implementation of customer feedback into both products. 

  • What future benefits and enhancements can I expect in InsightVM?

    InsightVM will continue to make use of our Insight Platform for cloud analytics and features; this includes more dashboard cards, endpoint querying, and in-product integrations with both Rapid7’s and other leading security provider’s tools

  • Is Nexpose gone?

    No. In fact we will upgrade any Nexpose edition users to Nexpose (formerly known as Nexpose Enterprise), our most robust and feature-rich on-premise VM solution. At the same time, we’ve simplified all Rapid7 VM licensing (FKA Nexpose Enterprise, Ultimate, Express, or Consultant) into two options: Nexpose or InsightVM.

    Nexpose Enterprise users will see no changes and all other Nexpose users will have access to premium features including reporting capabilities, asset tagging, risk score, etc.

  • What are the differences between Nexpose and InsightVM?

    InsightVM includes all features found in Nexpose Enterprise, including our traditional on-premise scan engines, plus as part of the Rapid7 Insight Platform, users get Exposure Analytics, live dashboards, a unified agent across all Insight products, remediation workflow planning, in-product integrations, and more .

    Additionally, InsightVM has a subscription-pricing model.

  • What are the benefits of InsightVM over Nexpose?

    InsightVM provides live dashboards which you can fully customize and query for any person in your organization, whether they’re a CISO or sys admin; Insight Agents for continuous monitoring that also pairs with InsightIDR for UBA/Incident Detection and Response assessment; and Remediation Workflow for assigning and tracking remediation projects live within Nexpose, making it easier to work with IT to get things fixed. InsightVM also has several in-product integrations such as ticketing, and most future integrations (as well as current Nexpose integrations) are being converted into in-product integrations for easier setup.

  • How is my information secured in the cloud?

    Rapid7 Insight Platform has been servicing customers for nearly three years, and now has thousands of customers analyzing logs, user behavior, deceptions, vulnerabilities, and more. Our rigorous and certified security processes,  as well as those of our certified cloud partner, Amazon AWS, allows us to provide significant security controls and risk assurance. For more information, data, and technical whitepapers please visit rapid7.com/trust.

  • My company forbids deployment of any cloud products. What future on-premise features and enhancements can I expect for Nexpose?

    First, you should review rapid7.com/trust for information on our privacy and security controls, including technical white papers that our customers have used to make the move to cloud. If the time is still not right, Nexpose will continue to receive frequent feature enhancements and improvements, such as new vulnerability and policy content.

  • I am using Nexpose Enterprise/Ultimate with Nexpose Now features...What happens to me?

    You will be converted to InsightVM since it is the same product you are using today, at the time of your next renewal and/or at your convenience. Note that as time goes on, the InsightVM roadmap will begin to diverge from existing Nexpose Enterprise/Ultimate capabilities, as many new features will not be supported on legacy licenses.

  • What’s happening to Nexpose Express and Consultant?

    Nexpose Express users will be upgraded to Nexpose (FKA Nexpose Enterprise); Consultant customers will renew their consulting license per usual. Those products will eventually be end-of-lifed, at a to-be-determined date, once customers have migrated during their scheduled renewal cycle. 

  • What are the benefits of moving from Nexpose Express or Consultant to Nexpose?

    Nexpose (FKA Nexpose Enterprise) will equip Express and Consultant users with added functionality to enable them to get more out of their vulnerability management program. This includes discovery scanning, unlimited scan engines, role based access control, and policy assessment, among other features previously only available in Nexpose Enterprise.

  • What are the benefits of moving from Nexpose Express or Consultant to InsightVM?

    InsightVM provides live dashboards which you can fully customize and query for any person in your organization, whether they’re a CISO or sys admin; Insight Agents for continuous monitoring that also pairs with InsightIDR for UBA/Incident Detection and Response assessment; and Remediation Workflow for assigning and tracking remediation projects live within Nexpose, making it easier to work with IT to get things fixed. InsightVM also has several in-product integrations such as ticketing, and most future integrations (as well as current Nexpose integrations) are being converted into in-product integrations for much easier setup

  • Will I need to edit any settings or configurations to switch to InsightVM?

    No; your configuration settings will be unchanged; the only thing you’ll need to do is to make sure InsightVM can connect to our cloud platform

  • Will I need to reestablish my scan schedules when I switch to InsightVM?

    No; all scan schedules and configurations will remain in place

  • Will my historical vulnerability data still be available when I switch to InsightVM?

    Yes; historical vulnerability data will still be available, and will be uploaded to the cloud platform for analytics with InsightVM

  • I currently have Nexpose integrated with other security products in my environment; will changing to InsightVM break these integrations?

    No; all current integrations will continue to be fully supported in both InsightVM and Nexpose. In fact, part of the benefits of InsightVM is that we will be able to start integrating these tools directly into the product UI, starting with JIRA ticketing integration. If any issues do arise, be sure to contact Rapid7 support.

  • How will this affect our existing legal agreements?

    Customers will need to accept our new terms of service when they transition to InsightVM. The differences are minimal and what you would expect from a cloud product terms of service; if you have any questions please contact your Customer Success Manager.

  • How will this affect my renewal?

    All customers will be able to upgrade to InsightVM or Nexpose at renewal time for no additional cost beyond their current renewal rate.

  • I’d like to transition to InsightVM before my renewal; how does that process work?

    Great! Simply go to https://www.rapid7.com/products/insightvm/upgrade and fill out the form; your Customer Success Manager will provide you with a new license key for InsightVM. Once you receive it, change the license key in your current install to the new one and your console will update to InsightVM.