We performed a comparison between Rapid7 InsightVM and Splunk Enterprise Security based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management."The performance is good."
"Rapid7 InsightVM has given us a practical view of the vulnerabilities present in our organization."
"Using Rapid7, we can install a scan engine, we can do our VPN connections, and we can conduct internal scans of remote sites. We prefer the web application. It's smarter and more accurate from an application perspective."
"The solution scales well."
"The most valuable features are its reporting capabilities and the host discovery functionality."
"The solution works well."
"It is a stable solution."
"The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."
"Our clients use the solution to find any threats or vulnerabilities inside their environment."
"I have also been able to take advantage of some of the more complex statistical capabilities when analyzing logs."
"We have created a few custom use cases for Splunk that have helped us detect threats faster. For example, we set up endpoint-related data models and specialized setups for various scenarios. It's more efficient than some other products I've used."
"It helps streamline troubleshooting and log analysis."
"We solve issues that we previously could not since we now have the data."
"The solution's most valuable features are the granularity and analysis of the logs."
"One of the most valuable features is threat hunting. We can do threat hunting and identify if there is any malicious activity happening within our environment, which is a key feature for us."
"Splunk gives my clients the ability to bring multiple, disparate types of data together, then correlate and report on them."
"Within InsightVM, there is no feature to assign a ticket. If we can have more API calls, we can do that from InsightVM."
"The InsightVM cannot scan if we connect to our customer by the VPN."
"In terms of improvements, its price could be better. Our main issue with Rapid7 is that it is too expensive. You can only sell it to enterprise accounts. In terms of new features, Rapid7 came up with a product called InsightIDR a couple of years ago, which is a good SIEM solution. We expect that Rapid7 will work on some sort of integration between InsightVM and InsightIDR, where vulnerability or anomaly detected by InsightVM can be reported in InsightIDR in some sort of real-time. Rapid7 doesn't patch. For example, if you have a vulnerability, some products can scan and also do the patching, but Rapid7 does not do the patching. It would be nice if it can also patch."
"It would be great to have a mobile application client. Currently, you have to use a mobile web browser on a device, but it is not similar to the desktop web browser in terms of user experience. It would be nice to have a mobile application to access the platform."
"There are not enough templates, and the reporting is weak with this solution."
"There was functionality present previously, however, currently, we can't integrate directly with Jira Service Desk - only the cloud version."
"The reporting could be better."
"There are certain limitations because of the product being used on a hybrid model. Rapid7 InsightVM doesn't offer a solution purely in the cloud."
"The case management area of the ES could be improved. The ability to move cases through various stages and states. The ability to close a case would be key improvement."
"Queries are not always as easy or straightforward as they might be, so it can be difficult to figure out what you need to look for."
"While Splunk offers SOAR as a separate product, integrating it into the next version of Splunk Enterprise Security as a unified solution would be beneficial."
"It can be tough to determine if you are getting all of the value out of your investment at times."
"Splunk Enterprise Security has not helped reduce our alert volume."
"The user experience could be improved."
"Some of the queries are difficult to run and have room for improvement."
"The solution could use a different licensing model."
Rapid7 InsightVM is ranked 4th in Risk-Based Vulnerability Management with 55 reviews while Splunk Enterprise Security is ranked 1st in Security Information and Event Management (SIEM) with 251 reviews. Rapid7 InsightVM is rated 8.0, while Splunk Enterprise Security is rated 8.4. The top reviewer of Rapid7 InsightVM writes "You can scan a network, and receive recommendations to address vulnerabilities with the click of a button". On the other hand, the top reviewer of Splunk Enterprise Security writes "It has a drag-and-drop interface, so you don't need to know SQL or Java to construct a query ". Rapid7 InsightVM is most compared with Tenable Nessus, Qualys VMDR, Tenable Security Center, Microsoft Defender Vulnerability Management and Wiz, whereas Splunk Enterprise Security is most compared with Wazuh, IBM Security QRadar, Dynatrace, Elastic Security and Microsoft Sentinel.
We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.