We performed a comparison between BMC TrueSight Vulnerability Management, Rapid7 InsightVM, and Rapid7 Metasploit based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."Takes reports from other vulnerabilities."
"The most valuable features of Rapid7 InsightVM are the accurate level of scanning and the workflows are good."
"The most valuable feature is the vulnerability scan."
"I really love the new platform. It is really easy to understand, use, and deploy."
"The assessment is most valuable."
"The most valuable feature is the site scanning, where we can provide a complete subnet and what it is we need to scan on those devices."
"The solution works well."
"The performance is good."
"The solution is good because it has a lot of options."
"The tool's most useful feature for penetration testing is its automation capabilities. With the professional edition, you can upload the results from Nessus in the Rapid7 Metasploit solution portal."
"I don't have any other tools like it, and I always use it when I'm doing a pen test. Metasploit is a great solution for penetration testing,"
"The Search Engineering feature is good."
"The reporting on the solution is good."
"The most valuable features of the solution are the scripts, the modules, and the tools that the Rapid7 Metasploit framework has."
"It's not possible to do penetration testing without being very proficient in Metasploit."
"I use Rapid7 Metasploit for payload generation and Post-Exploitation."
"The greatest advantage of Rapid7 Metasploit is that it is the only system that can directly exploit vulnerabilities on the Metasploit platform."
"No third-party applications or integrations with additional software solutions."
"Rapid7 InsightVM, has impressive capabilities, especially when it comes to managing video equipment. However, we've noticed that Rapid7 also offers a cloud solution called CloudSec, and we don't have that. We think it would be better if InsightVM had all the features for both on-premise and cloud management."
"We are a registered reseller and a trusted partner. However, for us to get any support from them I can't log a call directly with Rapid7 InsightVM. I have to work with the distributor to log the call for me."
"Some of our customers want to be completely cloud based, and Rapid7 doesn't offer this as an option."
"Rapid7 InsightVM could be easier to use for those who are using it for the first time."
"There is room for improvement on its cloud side. In the next release I would like to see better reporting."
"The InsightVM cannot scan if we connect to our customer by the VPN."
"The integration with other solutions like JIRA could be better. Perhaps there could be some additional updates in the next phase that could integrate with it, so then you can proceed with the VT much easier."
"The team needs to improve the speed and focus on the new bandwidth feed. Sometimes, it takes a while to scan, especially with new updates."
"I think areas with shortcomings that need improvement are more integration and automation."
"The initial setup was a bit "tweaky" for the open-source version."
"The solution should improve the responsiveness of its live technical support."
"Rapid7 Metasploit could be made easier for new users to learn."
"There are numerous outdated exploits in their database that should be updated."
"At the time I was using it, the graphical user interface needed some improvements."
"If your company's patch is not up to date, but you have other detection or defense solutions such as endpoint detection and response and antivirus software, the product exploit may not work effectively. This is because its exploit database update process is slow and not real-time. For zero-day vulnerabilities or new security threats, relying on Rapid7 Metasploit alone may not be effective."
"Advanced Infrastructure should be implemented in the next release for better orchestration."
Earn 20 points