Most Helpful Review
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Dome9 has improved our organization; we have a centralized view of all of our assets, our visible assets our ECs, our inventories. And then all the policies are centralized, and it is easier to manage because everything is one component console."
"People implementing this solution are concerned with addressing a significant risk, and within the AWS realm, this tool does de-risk substantially."
"All of the features are very useful in today's market."
"The reporting against compliance is an important feature that helps you comply with policies and standards within your organization."
"Assets Management as it provide complete visibility of our workload inkling EC2 instance or Serverless"
"It helps us to analyze vulnerabilities way before they get installed in production and the web. It gives us more security in the production environment."
"This product provides a really nice visualization of the infrastructure, including network topology, firewalls, etc."
"On Dome9, you can have reports on compliance, users created, and EAM access to the cloud infrastructure. For example, if some machine is exposed to the Internet, importing and exporting to the Internet when it shouldn't, we get immediate alerts if someone does this type of configuration by mistake. Dome9 is very important because AWS doesn't protect us for this. It is the client's responsibility to make sure that we don't export things to the Internet. This solution helps us ensure that we comply with our security measures."
"It's not possible to do penetration testing without being very proficient in Metasploit."
"The option to generate phishing emails has proven to be very valuable in understanding the behavior of users."
"It contains almost all the available exploits and payloads."
"The most valuable feature for us is the support for testing Linux-based web server components."
"The reporting on the solution is good."
"All of the features are great."
"I would like to see Test B functions at the application access level."
"I would like to see some AI on the back-end, just to assist with doing analysis and making recommendations."
"Dome9 should also support deployments that are on-premises and in a hybrid cloud."
"The price of this solution should be reduced so that it is more affordable to scale."
"It should capture more information in metadata including communication detail. Also, Internal IP addresses should not be tracked as this might be having some compliance issues."
"Automatic remediation requires read/write access. When providing read/write access to third-party applications, this can add risk. It should have some options of triggering API calls to the cloud platform, which in turn, can make the required changes."
"We were demotivated by the lack of native automation modules for the Terraform and Ansible tools."
"The main issue that we found with Dome9 is that we have a default rule set with better recommendations that we want to use. So, you do a clone of that rule set, then you do some tweaks and customizations, but there is a problem. When they activate the default rule set with the recommendations and new security measures, it doesn't apply the new security measures to your clones profile. Therefore, you need to clone the profile again. We are already writing a report to Check Point."
"The initial setup was a bit "tweaky" for the open-source version."
"Metasploit cannot be installed on a machine with an antivirus."
"It is necessary to add some training materials and a tutorial for beginners."
"Better automation capabilities would be an improvement."
"The solution should improve the responsiveness of its live technical support."
"At the time I was using it, the graphical user interface needed some improvements."
Pricing and Cost Advice
"It is a very straightforward licensing model that is based on the number of assets you are discovering and managing with the solution."
"The licensing and costs are straightforward, as they have a baseline of 100 workloads (number of instances) within one license with no additional nor hidden charges. If you want to have 200 workloads under Dome9, then you need to take out two licenses for that. Also, it does not have any impact on cloud billing, as data is shared using the API call. This is well within the limit of free API calls provided by the cloud provider."
"I suggest that you pay attention to the product pricing because while there are no tricks, and the licensing model is transparent, the final numbers may surprise you."
"Right now, we have licenses on 500 machines, and they are not cheap."
"I use the open-source version of this product. Pricing is not relevant."
"It is expensive. Our license expired, and our company is not thinking to renew because of our budget."
"The great advantage with Rapid7 Metasploit, of course, is that it's free."
Questions from the Community
Top Answer: All of the features are very useful in today's market.
Top Answer: Dome9 should also support deployments that are on-premises and in a hybrid cloud. This solution needs DLP support.
Ask a question
Earn 20 points
out of 23 in Cloud Workload Security
Average Words per Review
out of 36 in Vulnerability Management
Average Words per Review
Compared 37% of the time.
Compared 17% of the time.
Compared 10% of the time.
Compared 4% of the time.
Compared 4% of the time.
Compared 51% of the time.
Compared 12% of the time.
Compared 11% of the time.
Compared 7% of the time.
Compared 1% of the time.
Also Known As
CloudGuard Dome9 is a comprehensive software platform for public cloud security and compliance orchestration. Using Dome9, organizations can visualize and assess their security posture, detect misconfigurations, model and actively enforce security best practices, and protect against identity theft and data loss in the cloud. Dome9 delivers security capabilities across Amazon Web Services, Microsoft Azure, and Google Cloud Platform (GCP). Learn more about Cloud Security Orchestration (Dome9)
Attackers are always developing new exploits and attack methods—Metasploit penetration testing software helps you use their own weapons against them. Utilizing an ever-growing database of exploits, you can safely simulate real-world attacks on your network to train your security team to spot and stop the real thing.
Learn more about Dome9
Learn more about Rapid7 Metasploit
|Symantec, Citrix, Car and Driver, Virgin, Cloud Technology Partners||City of Corpus Christi, Diebold, Lumenate, Nebraska Public Power District, Prairie North Regional Health, Apptio, Automation Direct, Bob's Stores, Cardinal Innovations Healthcare Solutions, Carnegie Mellon University|
Financial Services Firm44%
Computer Software Company22%
Computer Software Company37%
Comms Service Provider15%
Financial Services Firm6%
Comms Service Provider32%
Computer Software Company26%
K 12 Educational Company Or School4%
Dome9 is ranked 2nd in Cloud Workload Security with 9 reviews while Rapid7 Metasploit is ranked 7th in Vulnerability Management with 5 reviews. Dome9 is rated 7.8, while Rapid7 Metasploit is rated 7.4. The top reviewer of Dome9 writes "The IAM role gives us complete control over the cloud environment". On the other hand, the top reviewer of Rapid7 Metasploit writes "Straightforward to set up, and helpful for moving from development to production". Dome9 is most compared with Prisma Cloud by Palo Alto Networks, Prisma SaaS by Palo Alto Networks, Check Point CloudGuard SaaS, Microsoft Cloud App Security and Qualys VM, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Wireshark, Rapid7 InsightVM, Qualys VM and Snyk.
See our list of .
We monitor all Cloud Workload Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.