We performed a comparison between BMC TrueSight Vulnerability Management, Rapid7 InsightVM, and Skybox Security Suite based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."Takes reports from other vulnerabilities."
"Rapid7 have a good distribution network with good support and market presence."
"InsightVM offers a robust platform for identifying, prioritizing, and addressing vulnerabilities across an organization's IT infrastructure."
"The most valuable feature for me is the risk calculation based on monthly effects."
"It is good and fits well with pretty much all of our use case needs."
"The product's initial setup phase was very easy."
"The solution is good because it has a lot of options."
"Rapid7 InsightVM has given us a practical view of the vulnerabilities present in our organization."
"It's a relevant management tool."
"The solution's simplicity of use is its most valuable feature."
"The revalidation and policy recertifications are most valuable."
"The solution's most valuable and unique assets are the vulnerability management and change management solutions because they identify mistakes in the network before implementation which reduces risks."
"I think that compliance checks and policy compliance are the product's good features."
"Aside from Firewall Assurance, we are using Network Assurance and Change Manager for an overview of the whole network and for documenting requests and the recertification of the ruleset."
"The most valuable features of Skybox Security Suite are all the modules that are provided, such as vulnerability assessments and network, and firewall assessments."
"The ability to appropriately prioritize vulnerabilities inside the environment, and then to have visibility into the traffic and rule sets of an organization, are two of the top capabilities that I recommend. Skybox is the only one that does both of those in a single platform."
"The most valuable feature is the compliance, whether it's access compliance or the configuration compliance, to make sure that all of our devices are configured as they're supposed to be, to limit access as much possible, to follow least-access guidelines."
"No third-party applications or integrations with additional software solutions."
"There should be containerization within the VM."
"The integration with other solutions like JIRA could be better. Perhaps there could be some additional updates in the next phase that could integrate with it, so then you can proceed with the VT much easier."
"It is still not a fully cloud-based solution. It will be helpful for customers if it is a complete cloud solution. It is a hybrid solution at the moment."
"The solution needs to improve its vulnerability design to include CVC results."
"The reporting could be better."
"Some difficulties with the online reporting and lack of integrations."
"One area I would like to improve in InsightVM is its integration with other solutions."
"Some of our customers want to be completely cloud based, and Rapid7 doesn't offer this as an option."
"The price is costly, and I hope they can reduce the cost."
"If anything could be improved it would be staying on top of the collector scripts, but I understand that's a very tough challenge."
"Skybox Security Suite can improve the change management module. It is the one part of the tool that is used with the firewall devices and you have a change management module that is used to record changes of all firewalls in the company. It's not compatible with all brands, this is where they can improve the solution."
"The Network Assurance, which helps to create the network model, is not so rich."
"The solution was quite technical. It would be easier to manage if the solution was more specific about aspects of the solution and provided more advisory around how to use it effectively. It would help users a lot if they were more clear about everything."
"The primary room for improvement would be to enable a web interface, which is not something which is there in the product. This is supposed to have come a year, a year and a half ago, but still has failed to come out. It still needs a client application to be installed on a workstation to be able to access that server and then run these reports. So I cannot extend that access to anybody. It has to be one administrator all the time. So unlike a web interface, where you can give multiple users simultaneous access and generate the various reports, that isn't a possibility at the moment."
"The most recent update was not tested with all of the vendors before it was released, so some of the features are misbehaving."
"Reporting. A lot of the reports, out of the box, are limited to a certain number of either configuration violations or access rule violations. So when you first set up a new firewall to be monitored by Skybox, you don't get a real full report. You have to really tweak it to get everything."
Earn 20 points