Anonymous UserHead of Cybersecurity Assurance & Controls Director at a tech services company
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The reporting features are good and there are many built-in reports that can be quickly configured."
"The most valuable feature is that it provides a simple English recommendation on actions that you need to take once a vulnerability is discovered."
"The most valuable feature for us is the different types of reporting it provides."
"We feel the interface is very good. It is very easy to use, even a nontechnical person can use it."
"The most valuable feature is the site scanning, where we can provide a complete subnet and what it is we need to scan on those devices."
"There are many integrations with things like the VMware NSX that are great, the reporting is really solid."
"It's easy to use. It's fast, it's a powerful easy to access tool."
"This solution is very easy to use and easy to install."
"The most important aspect of the solution is that it rarely gives false positives, especially compared to other products. It provides very clear reports for our IT teams to look at."
"The main functionality of identifying item endpoints that weren't properly patched or had vulnerabilities is the solution's most valuable feature."
"Building policies is not that easy. There are some things that are turned off by default, for example, displaying values."
"The interface could be improved by having sub-groups of tests, ultimately making the process of collecting tests faster."
"This solution integrates with another module in Metasploit, that doesn't exist in the other solutions. It is subscribed to on our roadmap, but we chose to implement both Nexppose and AppSpider."
"The reporting has room for improvement. You cannot customize any report. If I need a specific requirement, I have to create a new report for it."
"The reporting is a little bit tricky because it can be difficult to exactly pinpoint some of the assets to filter them and generate a report."
"Some difficulties with the online reporting and lack of integrations."
"The InsightVM cannot scan if we connect to our customer by the VPN."
"It would be nice to have an additional feature that would provide reports on who has logged onto the console or who did what on the console."
"There needs to be much clearer instructions surrounding scanning."
"We found that after you passed an endpoint, it didn't always reflect it in the next scan. I'm not sure if it was a glitch or some issue with the product's software. That was never clear. That was always an issue and something that definitely needed improvement."
"This solution is expensive, but it's fine for us as we have an open budget for security solutions. Protection and having the system secured is more important."
"The license is IP based. How many IPs you are using to scan is the amount of the license you have to buy. The number of users doesn't matter; many users can use it or only person. It depends on the culture of the organization."
"Our licensing costs are somewhere around $40,000 annually. There are no additional fees."
"The licensing is asset-based and very straightforward."
"Its price is too high. My only concern or issue with Rapid7 is its pricing."
"Comparing the price with the value that we receive, I am not happy with it."
"The license is annual and this is the optimal approach when it comes to most software."
Earn 20 points
IBM Guardium Vulnerability Assessment scans data infrastructures (databases, data warehouses and big data environments) to detect vulnerabilities, and suggests remedial actions. The solution identifies exposures such as missing patches, weak passwords, unauthorized changes and misconfigured privileges.
Rapid7 InsightVM is the vulnerability assessment tool built for the modern web. InsightVM combines complete ecosystem visibility, an unparalleled understanding of the attacker mindset, and the agility of SecOps so you can act before impact.
IBM Guardium Vulnerability Assessment is ranked 12th in Vulnerability Management with 2 reviews while Rapid7 InsightVM is ranked 2nd in Vulnerability Management with 14 reviews. IBM Guardium Vulnerability Assessment is rated 8.0, while Rapid7 InsightVM is rated 8.0. The top reviewer of IBM Guardium Vulnerability Assessment writes "Good reporting, integrates well, and vulnerability assessments can be performed quickly". On the other hand, the top reviewer of Rapid7 InsightVM writes "Broad capabilities make this scanning solution able to cover a lot of ground". IBM Guardium Vulnerability Assessment is most compared with Tenable Nessus, Qualys VM and Tenable.io Vulnerability Management, whereas Rapid7 InsightVM is most compared with Tenable Nessus, Qualys VM, Tenable SC, Tenable.io Vulnerability Management and Rapid7 Metasploit. See our IBM Guardium Vulnerability Assessment vs. Rapid7 InsightVM report.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.