Rapid7 Nexpose Community Vulnerability Scanner

Hello! Anyone here on the forum ever used Nexpose Community Vulnerability Scanner? Can you trust it? The file itself has no digital signature? I can’t find any reviews on it plus it’s from Rapid7.

Info here: InsightVM Free Trial


Hi Seany007,

I work at Rapid7 and just looked for the digital signature on the install file and I didn’t see it either. I’ll be looking into this, but you can be assured it’s safe by checking the hash after you download the file.

This is a link to our latest product release notes that contains the md5sum files for you to verify the integrity of the file after you download it. As of now the current version is 5.5.8


Let me know if you have any problems.


Thank you for the reply. I see. I was already thinking it might be an open source hence no signature. I did contact your support but they told me that they don’t support Nexpose Community Vulnerability Scanner.

Few Q’s I would like to know:

  1. Why is it free? What you get from this? And why I can’t find any reviews/info on it apart from your site?

  2. I have Windows 7 64-Bit but I only have 4GB of RAM not 8GB as a minimum hardware. Can I still run your product?

  3. Why your product needs 10 GB+ available disk space only for the scan engines?

Also when you try to download version 5.5.8 for Windows 64-Bit you get version 5.5.7?