We performed a comparison between Rapid7 InsightVM and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management."It is stable and scalable."
"The ease of deployment and configuration allows users to onboard quickly."
"InsightVM offers a robust platform for identifying, prioritizing, and addressing vulnerabilities across an organization's IT infrastructure."
"The discovery and prioritization of vulnerabilities."
"One of the most valuable features is it's graphical dashboard feature. It is quite easy to manage the widgets, and we can customize those according to our queries."
"NeXpose is a pretty good vulnerability scanner... There's a nice dashboard."
"The assessment is most valuable."
"The performance is good."
"What is nice about the solution is that it makes it easy to build the queries, search for the events and then do analysis."
"Splunk can extract all kinds of data. There's no limitation on what kind of structured and unstructured data one needs to extract — it can access any kind of data, including machine-generated data."
"It's very flexible. If you look from the cloud implementation it is there. Reports are made quickly. Unlike other tools, it caters to all kinds of technical information on the front very easily. There's no need to put in any technical information. You can pull on the reports very easily, take action, and notify stakeholders."
"What I really like is that even if you have already collected the data, you can extract fields and can build searches."
"The most valuable features of Splunk Enterprise Security are its high-performance data collection, flexible query language, and its versatility across the organization."
"I have also been able to take advantage of some of the more complex statistical capabilities when analyzing logs."
"It's basically one of the best SIEM products on the market."
"Speeds up root cause analysis and can help identify issues that your organization never realized were occurring."
"There are certain limitations because of the product being used on a hybrid model. Rapid7 InsightVM doesn't offer a solution purely in the cloud."
"The authentication scan is not working."
"In terms of improvements, its price could be better. Our main issue with Rapid7 is that it is too expensive. You can only sell it to enterprise accounts. In terms of new features, Rapid7 came up with a product called InsightIDR a couple of years ago, which is a good SIEM solution. We expect that Rapid7 will work on some sort of integration between InsightVM and InsightIDR, where vulnerability or anomaly detected by InsightVM can be reported in InsightIDR in some sort of real-time. Rapid7 doesn't patch. For example, if you have a vulnerability, some products can scan and also do the patching, but Rapid7 does not do the patching. It would be nice if it can also patch."
"We have some issues with how it scans patches."
"The reporting has room for improvement. You cannot customize any report. If I need a specific requirement, I have to create a new report for it."
"The solution could improve by being more secure."
"It would be nice to have an additional feature that would provide reports on who has logged onto the console or who did what on the console."
"Reporting could be expanded."
"There is improvement needed when importing from some types of data sources."
"In the next releases, I would like to see more pricing flexibility."
"If it could be made available as a service, this would be much better than as a product."
"One issue is that we are getting a lot of false positives. We are trying to reduce them by customizing the default rules, changing thresholds, and using white-listing and black-listing. It's getting better and better as a result. But they need to build components that would reduce the false positives."
"I think the machine learning should be emphasized. Now, it's really important to analyze Big Data, data mining. A SIEM solution, like Splunk, needs an improved data mining solution, artificial intelligence."
"The algorithms customization of Splunk could improve. They have limited algorithms for machine learning support. If they can allow the user to add more machine learning algorithms, such as the ability to choose the algorithm that a user might want. Additionally, they should provide the required libraries for those algorithms, and then analyzes the data for use."
"The integration could be a bit better. They charge for certain integrations."
"Integrating tools and creating use cases could be easier. It's hard for a junior security engineer with only a couple of years of experience to write use cases. They can do it, but it's much easier in a solution like IBM QRadar. Setting conditions is like a multiple-choice type of thing. It's a more user-friendly process."
Rapid7 InsightVM is ranked 4th in Risk-Based Vulnerability Management with 55 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 251 reviews. Rapid7 InsightVM is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Rapid7 InsightVM writes "You can scan a network, and receive recommendations to address vulnerabilities with the click of a button". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Rapid7 InsightVM is most compared with Tenable Nessus, Qualys VMDR, Tenable Security Center, Microsoft Defender Vulnerability Management and Wiz, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel.
We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.