We performed a comparison between BMC TrueSight Vulnerability Management, Qualys VMDR, and Rapid7 InsightVM based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."Takes reports from other vulnerabilities."
"The reporting is fine."
"I am impressed with the VMDR feature."
"The most valuable feature of the solution is the external channel."
"It's stable and quite reliable."
"This solution gives us insight into our environment and improves our security. It helps us to maintain a good patching system whereby we know that XYZ is vulnerable within the system."
"The Vulnerability Management and Patch Management features are the most valuable features of this solution."
"The most valuable feature is the connection of threat intelligence information with identified vulnerabilities, which means you can prioritize vulnerabilities according to actual attacks."
"There are fewer false positives when using this solution."
"We can create our own templates."
"The remediation project is a pretty effective because it allows us, as clients or countries, to choose specific assets and set limitations on them for a certain period which allows us to track and follow up on those limitations. However, when it comes to real-time monitoring and live dashboards, InsightVM doesn't quite fit the bill. It's not a real-time solution and is not instant."
"I rate InsightVM eight out of 10 for ease of setup. It takes two or three engineers to deploy. The solution requires some maintenance. It's mainly cleaning up data."
"The most valuable features are its reporting capabilities and the host discovery functionality."
"InsightVM's most valuable feature is risk scoring, a formula based on different vectors like the ease of exploitation and the availability of the machine."
"The feature that I have found most valuable is its dashboards."
"Using Rapid7, we can install a scan engine, we can do our VPN connections, and we can conduct internal scans of remote sites. We prefer the web application. It's smarter and more accurate from an application perspective."
"I liked the dashboard on it. I could customize my dashboard with different widgets and different heat maps."
"No third-party applications or integrations with additional software solutions."
"I would like to see more accuracy in detections, better reporting capabilities, and better dashboard download capabilities."
"Some of the older features could be polished instead of focusing on releasing new features."
"If anything, I would like to see the user interface modernized a bit more."
"Improve the user interface."
"Qualys VMDR is basically susceptible to false positives, and false negatives."
"It is more expensive vs. other products on the market."
"The reporting in this solution can be improved."
"It's not very user-friendly at times and requires in-depth understanding. So, a layman or someone new to Qualys won't be able to easily understand it. You need education to use the solution."
"A definite improvement would be to make it easier to run ad-hoc scans without needing to assign the asset to a site or group."
"The reporting is a little bit tricky because it can be difficult to exactly pinpoint some of the assets to filter them and generate a report."
"This solution integrates with another module in Metasploit, that doesn't exist in the other solutions. It is subscribed to on our roadmap, but we chose to implement both Nexppose and AppSpider."
"We have some issues with how it scans patches."
"It is still not a fully cloud-based solution. It will be helpful for customers if it is a complete cloud solution. It is a hybrid solution at the moment."
"They should improve the cybersecurity feature of the solution."
"There are not enough templates, and the reporting is weak with this solution."
"There is room for improvement on its cloud side. In the next release I would like to see better reporting."
Earn 20 points