We performed a comparison between Check Point CloudGuard CNAPP and Rapid7 Metasploit based on real PeerSpot user reviews.
Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The reporting is quite good. It is the most powerful aspect of this solution."
"It helps us to analyze vulnerabilities way before they get installed in production and the web. It gives us more security in the production environment."
"The most valuable features of CloudGuard CNAPP are its compliance engine and auto-remediation features."
"We like the ability to investigate, analyze, and generate reports."
"It presents a real-time database that is always updated."
"On Dome9, you can have reports on compliance, users created, and EAM access to the cloud infrastructure. For example, if some machine is exposed to the Internet, importing and exporting to the Internet when it shouldn't, we get immediate alerts if someone does this type of configuration by mistake. Dome9 is very important because AWS doesn't protect us for this. It is the client's responsibility to make sure that we don't export things to the Internet. This solution helps us ensure that we comply with our security measures."
"The two most valuable features for us are the central firewall administrator and the real-time cloud compliance monitoring."
"This platform has allowed us to collect data from multiple sources, centralizing everything under a single source."
"The most valuable features of the solution are the scripts, the modules, and the tools that the Rapid7 Metasploit framework has."
"The solution is open source and has many small targetted penetration tests that have been written by many people that are useful. You can choose different subjects for the test, such as Oracle databases or Apache servers."
"It allows us to concentrate solely on identified vulnerabilities without the hassle of additional setup."
"The greatest advantage of Rapid7 Metasploit is that it is the only system that can directly exploit vulnerabilities on the Metasploit platform."
"Stability-wise, I rate the solution a nine out of ten...Scalability-wise, I rate the solution a nine out of ten."
"Technical support has been helpful and responsive."
"The option to generate phishing emails has proven to be very valuable in understanding the behavior of users."
"It's not possible to do penetration testing without being very proficient in Metasploit."
"The impact analysis that they perform can be improved. It is currently lacking. It should be more detailed."
"It should capture more information in metadata including communication detail. Also, Internal IP addresses should not be tracked as this might be having some compliance issues."
"Their service needs improvement."
"There are opportunities for improvement that can be addressed through a roadmap."
"The false positives can be annoying at times."
"The tool has a lot of potential, but today, it lacks a lot of Scripts/Bots for Azure."
"I strongly advise that the multi-layered security system of Check Point often undergoes updates and new versions keep coming."
"I’d like to see more integration with third-party tools. For example, it would be helpful to have an integration between Dome9 and ServiceNow to manage security incidents and security changes."
"I would like to see more capabilities, more functions, and more features. More types of attack vectors."
"Rapid7 Metasploit can add a GUI feature because it is only available online."
"The initial setup was a bit "tweaky" for the open-source version."
"The open-source version has reporting limitations. You need to develop these capabilities yourself. Built-in reporting is an excellent feature for penetration testing, but it isn't a must-have. The solution could also cover more vulnerabilities. Metasploit has around 10,000 exploits in its library, but more is always better."
"There are numerous outdated exploits in their database that should be updated."
"It is necessary to add some training materials and a tutorial for beginners."
"Rapid7 Metasploit could be made easier for new users to learn."
"The solution is not very scalable, it does not provide any automation to be able to scale it."
Check Point CloudGuard CNAPP is ranked 6th in Vulnerability Management with 64 reviews while Rapid7 Metasploit is ranked 12th in Vulnerability Management with 18 reviews. Check Point CloudGuard CNAPP is rated 8.6, while Rapid7 Metasploit is rated 7.6. The top reviewer of Check Point CloudGuard CNAPP writes "Threat intel integration provides us visibility in case any workload is communicating with suspicious or blacklisted IPs". On the other hand, the top reviewer of Rapid7 Metasploit writes "Helps find vulnerabilities in a system to determine whether the system needs to be upgraded". Check Point CloudGuard CNAPP is most compared with Prisma Cloud by Palo Alto Networks, Wiz, AWS GuardDuty, Microsoft Defender for Cloud and Darktrace, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Pentera, Acunetix, Rapid7 InsightVM and Darktrace. See our Check Point CloudGuard CNAPP vs. Rapid7 Metasploit report.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.